TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

By rooter

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems.

“The compromised releases shipped a *-setup.pth file that attempts to execute automatically

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

rooter
Cyber Security

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

rooter
Cyber Security

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now

rooter

Leave a Reply

You Missed

News

The Winners of the 61st Nebula Awards Are Here

News

Meta will use your activity on other websites to personalize your feeds

News

The Legend of Zelda: Ocarina of Time is getting a remake for the Switch 2

News

Microsoft AI chief walks back comments about AI taking over white-collar work