Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels (opens in new tab)  10 articles covering this post

socket.dev··Hacker News·Covered by bleepingcomputer.com + 9 more·Open original (opens in new tab)

Newer packages in this compromise use native extensions and .pth loaders to execute JavaScript stealers in developer environments.

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 10 articles

GitHub disables Microsoft repos pushing password-stealing malware

bleepingcomputer.com··Hacker News

Week 24 – 2026

thisweekin4n6.com·

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

securityweek.com·
View all 10 ›

Keyboard Shortcuts

Navigation

Next / previous item
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Browse
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help