A supply chain attack targeted the popular PyPI package 'lightning' in versions 2.6.2 and 2.6.3, introducing malicious code that runs on import. This code downloads the Bun JavaScript runtime and executes an 11MB obfuscated payload designed to steal credentials such as GitHub tokens, npm tokens, and cloud credentials from AWS, Azure, and Google Cloud. The attack also manipulates CI/CD environments by injecting backdoored files into GitHub repositories and infecting local npm packages via tarball manipulation. The attacker likely compromised the maintainer's GitHub account, enabling suspicious branch operations and suppression of disclosure. The attack shares characteristics with previous Shai-Hulud campaigns. No patch or official fix has been documented in the provided data.

The compromise allows attackers to harvest sensitive credentials across multiple platforms including GitHub, npm, and major cloud providers, potentially enabling further unauthorized access and persistence in victim environments. The infection of CI/CD pipelines and repository poisoning increases the risk of widespread downstream compromise. The attack affects a widely used deep learning framework, potentially impacting many users and organizations relying on it. There are no known exploits in the wild reported yet.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid using versions 2.6.2 and 2.6.3 of the 'lightning' package. Review and rotate any potentially exposed credentials, including GitHub, npm, and cloud service tokens. Inspect CI/CD environments and repositories for unauthorized changes or injected backdoors. Monitor for suspicious activity related to the maintainer's GitHub account and consider using alternative package versions or sources until the issue is resolved.