Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks


New iterations of the Shai-Hulud supply chain attack have hit over 100 packages across the NPM and PyPI ecosystems, security researchers warn.

Since September 2025, the self-replicating worm has been used in multiple campaigns targeting the open source software (OSS) community, with a surge in attacks observed over the past several months, following the Trivy vulnerability scanner incident.

In mid-May, TeamPCP, the hacking group behind Shai-Hulud, released the worm’s source code, and the first clones emerged shortly after.

Starting June 1, new variants of Shai-Hulud were used as part of broad, coordinated attacks. The first was the Red Hat incident, in which 32 packages belonging to Red Hat’s Hybrid Cloud Console JavaScript ecosystem were infected.

The Miasma variant

The payload used in the Red Hat attack contained the string “Miasma: The Spreading Blight”, which appeared in several other incidents last week.

Ox Security identified nearly a...

Copyright of this story solely belongs to securityweek.com.