Tag: knackiges

soc

Shai-Hulud Hades PyPI Campaign: 19 Packages Trojanized via Wheel Startup Hooks

Shai-Hulud Hades PyPI Campaign: 19 Packages Trojanized via Wheel Startup Hooks A PyPI supply-chain campaign in the Shai-Hulud / Mini Shai-Hulud / Miasma lineage compromised 19 Python packages by shipping trojanized wheel artifacts. Researchers observed 37 malicious wheels that add a Python startup hook (*.pth) to trigger code execution, then bootstrap a Bun runtime to […]

Mehr lesen →
soc

TrapDoor: Malicious npm, PyPI, Crates.io Packages Target Developer Secrets & AI Tooling

TrapDoor: Malicious npm, PyPI, Crates.io Packages Target Developer Secrets & AI Tooling Researchers identified a coordinated supply chain malware campaign named TrapDoor, involving waves of malicious packages across npm, PyPI, and Crates.io. Public reports tie the activity to credential theft and environment compromise, with an emphasis on developer secrets, crypto assets, and persistence on workstations […]

Mehr lesen →