Attackers compromised 19 Python packages on PyPI, including popular science and bioinformatics tools, and planted malware that can steal secrets from developer machines and continuous integration systems. Socket linked the activity to the broader Shai-Hulud campaign and said 37 malicious releases used executable .pth startup hooks to trigger code when Python starts, then fetched the Bun JavaScript runtime to run an obfuscated payload that targeted GitHub, npm, PyPI, AWS, GCP, Azure, Kubernetes, SSH, Docker, Vault, and Claude/MCP credentials.
Why it matters: Developers, researchers, and organizations using these packages may have had passwords, tokens, and cloud keys stolen without obvious signs. Anyone who installed affected versions should treat the environment as compromised, rotate secrets, and rebuild from known-good backups.
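As an added defensive example (not code from the article or from Socket), the following Python script audits the .pth files in site-packages for the executable `import` lines that site.py runs at interpreter startup, which is the hook the campaign abused; the indicator patterns and the sample .pth contents are assumptions constructed for illustration.

```python
"""Audit .pth files for executable startup hooks.

site.py executes any .pth line that begins with "import " or "import\\t"
when the interpreter starts; every other line is treated as a path entry.
"""
import re
import site
from pathlib import Path

# Indicators that an import line does more than load a module (assumed list).
SUSPICIOUS = [
    (re.compile(r"\bexec\s*\(|\beval\s*\("), "dynamic code execution"),
    (re.compile(r"\bbase64\b|\bzlib\b|\bmarshal\b"), "decoding/unpacking"),
    (re.compile(r"\bsubprocess\b|os\.system|os\.popen"), "spawns a process"),
    (re.compile(r"\burllib\b|\brequests\b|\bsocket\b|https?://"), "network access"),
    (re.compile(r"\\x[0-9a-fA-F]{2}"), "hex-escaped string"),
]
MAX_SANE_LEN = 200  # legitimate hook lines (e.g. virtualenv's) are short

# Constructed sample: one path entry, one benign hook, one loader-style hook.
SAMPLE_PTH = """\
# constructed sample, not a real package's .pth
/opt/example/site-packages
import _virtualenv
import base64, subprocess; exec(base64.b64decode('QUJD'))
"""

def classify_line(line):
    """Return a finding dict for an executable .pth line, else None."""
    stripped = line.rstrip("\n")
    if not stripped.startswith(("import ", "import\t")):
        return None  # comment or path entry: never executed by site.py
    reasons = [why for rx, why in SUSPICIOUS if rx.search(stripped)]
    if len(stripped) > MAX_SANE_LEN:
        reasons.append("line longer than %d chars" % MAX_SANE_LEN)
    return {"line": stripped, "reasons": reasons, "suspicious": bool(reasons)}

def audit_pth_text(text):
    """Classify every executable line in the contents of one .pth file."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        finding = classify_line(line)
        if finding:
            finding["lineno"] = lineno
            findings.append(finding)
    return findings

def audit_site_packages(dirs=None):
    """Scan every .pth in the given dirs (default: this interpreter's site dirs)."""
    if dirs is None:
        dirs = site.getsitepackages() + [site.getusersitepackages()]
    report = {}
    for d in dirs:
        for pth in Path(d).glob("*.pth"):
            hooks = audit_pth_text(pth.read_text(errors="replace"))
            if hooks:
                report[str(pth)] = hooks
    return report

if __name__ == "__main__":
    for path, hooks in audit_site_packages().items():
        for h in hooks:
            tag = "SUSPICIOUS" if h["suspicious"] else "executable"
            print("%s: %s:%d: %s" % (tag, path, h["lineno"], h["line"][:80]))
```

Every executable hook is reported, not only suspicious ones, because a hook with a harmless-looking name can still load a malicious module from the same directory; review each against the package that installed it.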
Bill Toulas
2026.06.10
55% relevant
The source describes Miasma as an evolution of the earlier Shai-Hulud worm and notes that the earlier leak helped drive more advanced variants, making this a meaningful follow-on development in the same malware lineage affecting package ecosystems.
Ionut Arghire
2026.06.09
97% relevant
This article is a direct expansion of the same Shai-Hulud malware campaign, adding that new Miasma and Hades variants spread across both npm and PyPI from June 1, hit over 100 packages and 471 malicious artifacts, and used updated loader and evasion techniques while continuing credential theft and self-propagation.
Bill Toulas
2026.06.08
100% relevant
This article establishes a distinct new Shai-Hulud campaign on PyPI, separate from the previously tracked npm-focused Shai-Hulud incident.