This threat involves a supply chain compromise on PyPI where attackers injected malicious wheel files into 19 packages, leveraging Python startup hooks (.pth files) to execute payloads automatically. The payload downloads the Bun JavaScript runtime to execute obfuscated JavaScript that steals credentials from multiple developer and cloud platforms. The campaign is linked to the Shai-Hulud adversary group and uses advanced obfuscation and encryption techniques to exfiltrate data via GitHub repositories. The attack targets high-value credentials relevant to development and CI/CD environments and stems from apparent maintainer account takeovers of established packages, including those in bioinformatics.

The attack enables credential theft of sensitive developer and CI/CD tokens, including GitHub, npm, PyPI, cloud providers (AWS, GCP, Azure), Kubernetes, Vault, SSH keys, and AI tool tokens. This can lead to unauthorized access to critical development infrastructure and cloud environments. The use of automatic execution via Python startup hooks increases the likelihood of widespread infection among users of the compromised packages. The campaign's multi-layer obfuscation and encrypted exfiltration make detection and mitigation more challenging.

No official patch or remediation guidance is currently available. Users should avoid installing or updating the identified compromised PyPI packages until further notice. Review and revoke potentially exposed credentials associated with affected environments. Monitor for suspicious activity related to developer and CI/CD credentials. Check the referenced vendor advisory and threat intelligence sources for updates on remediation and detection.