Skip to content
The Nexus
DossierENTITY

PyPI

Coverage of PyPI in the Nexus archive.

Earliest in view: Apr 30 · 23:21 UTCMost recent: May 25 · 09:52 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 25 · 09:52 UTCTHE BLOCK
    Researchers flag TrapDoor malware campaign targeting crypto developer environments including Aptos, Sui and Solana

    Researchers identified the TrapDoor malware campaign using malicious packages on npm, PyPI, and Crates.io to target crypto developer environments, including Aptos, Sui, and Solana. The campaign exploited package repositories to compromise developers working in blockchain ecosystems.

  • SECURITYMay 25 · 05:59 UTCTHE HACKER NEWS
    TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

    A coordinated cross-ecosystem supply chain attack named TrapDoor has distributed credential-stealing malware through npm, PyPI, and Crates.io, involving over 34 malicious packages across 384 versions. The campaign began on May 22, 2026, with packages published in waves from a cluster of sources.

  • SECURITYMay 18 · 11:23 UTCTHE HACKER NEWS
    Developer Workstations Are Now Part of the Software Supply Chain

    Supply chain attackers are targeting developer workstations to steal access and secrets, including API keys and cloud credentials, with three campaigns hitting npm, PyPI, and Docker Hub in a 48-hour window. This highlights the growing risk of software supply chain attacks. The attacks targeted secrets from developer environments and CI/CD pipelines.

  • SECURITYMay 14 · 20:26 UTCRECORDED FUTURE NEWS
    OpenAI asks macOS users to update after TanStack npm supply chain attack

    OpenAI is asking macOS users to update due to a supply chain attack impacting TanStack and other npm and PyPI packages tied to AI companies. The attack is part of an expanding campaign affecting several AI companies. Users are being warned to take action to protect themselves.

  • SECURITYMay 14 · 19:07 UTCBLEEPING COMPUTER
    OpenAI confirms security breach in TanStack supply chain attack

    OpenAI experienced a security breach due to the TanStack supply chain attack, resulting in the compromise of two employees' devices and affecting hundreds of npm and PyPI packages. The company has rotated code-signing certificates as a precautionary measure. This incident highlights the potential risks associated with supply chain attacks.

  • SECURITYMay 12 · 11:29 UTCBLEEPING COMPUTER
    Shai Hulud attack ships signed malicious TanStack, Mistral npm packages

    A new Shai-Hulud supply-chain campaign has compromised hundreds of packages on npm and PyPI, delivering credential-stealing malware targeting developers. The malicious packages include TanStack and Mistral. This campaign affects developers using these packages.

  • SECURITYMay 4 · 17:15 UTCBLEEPING COMPUTER
    Backdoored PyTorch Lightning package drops credential stealer

    A malicious version of the PyTorch Lightning package was published on the Python Package Index, delivering a credential-stealing payload targeting browsers and cloud services. The package is designed to steal sensitive information from users. This incident highlights the importance of verifying software packages before installation.

  • SECURITYApr 30 · 23:21 UTCTHE REGISTER
    The never-ending supply chain attacks worm into SAP npm packages, other dev tools

    A new wave of supply chain attacks has targeted SAP and Intercom npm packages, as well as the lightning PyPI package, spreading credential-stealing malware named Mini Shai-Hulud. The attacks highlight ongoing vulnerabilities in developer tools and package repositories.

PyPI · Dossier · The Nexus