{ads}

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

Written By Tuesday, 9 June 2026 Add Comment



June 9, 2026 at 02:43PM

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems. "The compromised releases shipped a *-setup.pth file that attempts to execute automatically

from The Hacker News https://ift.tt/Hev5R7a

0 Response to "Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads