New iterations of the Shai-Hulud supply chain attack have infected over 100 packages across the NPM and PyPI ecosystems, with the Miasma and Hades variants spreading through open source software. The attacks targeted packages tied to Red Hat, Vapi, ai-sdk-ollama, and other ecosystems while stealing credentials and exfiltrating data through malicious GitHub repositories. #ShaiHulud #Miasma #Hades #RedHat #NPM #PyPI
Keypoints
- Shai-Hulud attacks now span more than 100 packages across NPM and PyPI.
- The TeamPCP group released the wormβs source code, accelerating new clones and variants.
- Miasma infected dozens of NPM packages and harvested credentials, API keys, and tokens.
- Hades spread through PyPI packages using startup execution files and a new loader split evasion method.
- The campaign affected Red Hat, Vapi, ai-sdk-ollama, and other open source ecosystems.
Read More: https://www.securityweek.com/over-100-npm-pypi-packages-hit-in-new-shai-hulud-supply-chain-attacks/