Security News Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer TheHackerNews Daniel Bender 09 Jun 2026 Share Hades, a new PyPI branch of the Mini Shai-Hulud/Miasma supply chain campaign, hit 37 malicious wheels across 19 packages.
