New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
Hackers compromised 19 science-focused packages on PyPI in a Shai-Hulud supply-chain attack. The trojanized packages were collectively downloaded hundreds of thousands of times and delivered malware designed to steal developer secrets.
- Disclosed: June 8, 2026
- Last updated: June 8, 2026
- Blast radius: Hundreds of thousands of downloads across 19 science-focused PyPI packages
- Ecosystems: PyPI
- Attack vectors
- Affected entities: 19 science-focused PyPI packages (specific package names not provided in source text)
A new Shai-Hulud supply-chain attack has compromised 19 packages on the Python Package Index (PyPI). The affected packages are science-focused and have been downloaded hundreds of thousands of times collectively.
The trojanized packages delivered malware designed to steal developer secrets from affected systems. The attack represents a significant supply-chain compromise targeting the Python ecosystem.
The specific package names were not detailed in the available source material, limiting the ability to provide a complete list of affected software.
Remediation
- Identify and audit all installations of the 19 compromised science-focused PyPI packages
- Review and rotate any developer secrets, credentials, or API keys that may have been exposed
- Monitor systems for signs of malware activity or unauthorized access
- Update to patched versions of affected packages once available
- Implement package verification and integrity checks in dependency management workflows
Sources
- New Shai-Hulud attack trojanizes 19 science-focused PyPI packages · BleepingComputer
Cite this entry
"New Shai-Hulud attack trojanizes 19 science-focused PyPI packages." supplychainattack.org, Supply Chain Attack Incident Catalog. Disclosed June 8, 2026; last updated June 8, 2026. https://supplychainattack.org/incident/new-shai-hulud-attack-trojanizes-19-science-focused-pypi-packages-1gf74g
Related incidents
- active · critical
The Hades Campaign: Graph ML PyPI Packages Deploy Cross-Platform Memory Scrapers, AI Analyst Misdirection, and a Wiper Deterrent
On June 8, 2026, multiple Graph ML PyPI packages were compromised in the Hades campaign, deploying cross-platform memory scrapers, AI prompt injections for analyst misdirection, and token-revocation wipers. The attack targeted the bioinformatics ecosystem with sophisticated evasion techniques.
- PyPI · Compromised package · resolved · high
durabletask: TeamPCP's Latest PyPi Compromise
Malicious versions of the PyPI package durabletask were published, attributed to the TeamPCP threat actor. The attack matches known TeamPCP tactics used in prior supply chain compromises.
- PyPI · Compromised package · contained · critical
Microsoft's durabletask PyPI Package Compromised in Supply Chain Attack
Three malicious versions of Microsoft's durabletask Python package were published to PyPI on May 19, 2026, containing a 28 KB payload that steals credentials from cloud providers (AWS, Azure, GCP), Kubernetes, password managers, and developer tools. The attack has been attributed to the TeamPCP threat group and exhibits indicators of Eastern European cybercrime operations.
- PyPI · Compromised package · contained · critical
TeamPCP Injects Two-Stage Credential Stealer into xinference PyPI Package
The xinference package on PyPI was compromised with a two-stage credential stealer attributed to the TeamPCP threat actor. The malicious code was injected into the package, potentially affecting users who installed compromised versions.
- PyPI · Compromised package · Malicious maintainer