PyPI in the Media
35 mentions across press, blogs, and newsletters
May 2026
Developer-Targeting Glassworm Malware Abuses npm, PyPI, OpenVSX, and GitHub
A dangerous malware campaign known as Glassworm has been spreading through the tools that software developers trust most every day. By abusing popular platforms like npm, PyPI, OpenVSX, and GitHub, the attackers have turned routine development workflows into entry points for data theft, credentia
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware. The campaign, codenamed TrapDoor, spans more than 34 malicious packages across over 384 versions. The earliest activity was recorded on May 22, 20
Hackers Compromise 34 npm, PyPI, and Crates Packages in Major Supply Chain Attack
Hackers have launched a large-scale software supply chain attack targeting developers across npm, PyPI, and Crates.io, compromising at least 34 open-source packages and hundreds of associated versions. Security researchers at Socket are tracking the campaign as “TrapDoor,” a crypto-focused creden
Hackers Compromised 34 Packages in npm, PyPI, and Crates in New Supply Chain Attack
New TrapDoor supply chain campaign, an active attack deploying 34 malicious packages and over 384 related versions across npm, PyPI, and Crates.io to steal developer credentials and cryptocurrency wallets. The operation explicitly targets developers in the crypto, DeFi, Solana, and AI communities
TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io
TrapDoor crypto stealer hits 36 malicious packages across npm, PyPI, and Crates.io, targeting crypto, DeFi, AI, and security developers.
Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign
A self-propagating worm has compromised more than 170 npm and PyPI packages, defeating provenance attestation and breaching OpenAI and Mistral AI. Here is what you need to know.Key takeawaysMini Shai-Hulud is a self-propagating worm by TeamPC
TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages
Research reveals that TeamPCP hijacked OIDC tokens to poison hundreds of TanStack, Mistral AI, and UiPath packages with the self-propagating Mini Shai-Hulud worm.
Mini Shai Hulud strikes again hitting over 100 npm and PyPI packages including Mistral AI
Re-emerging supply chain attack hitting hundreds of packages with tens of millions of weekly downloads.
MistralAI PyPI Package Compromised to Inject Malicious Code – Microsoft Warns
A popular AI development library has been turned into a weapon. The mistralai PyPI package, version 2.4.6, was found to contain malicious code secretly injected by attackers, putting developers and organizations worldwide at serious risk. The compromise affects anyone who installed or updated the
New ‘Shai-Hulud’ attack breached hundreds of npm and PyPI packages
A rapidly expanding supply-chain attack tied to the “Mini Shai-Hulud” malware campaign has compromised more than 400 package artifacts across npm, PyPI, and Composer repositories. The breached projects include widely used libraries from TanStack, Mistral AI, UiPath, OpenSearch, and Guardrails AI.
Microsoft Warns: MistralAI PyPI Package Compromised with Malware
Mistral’s official Python client on PyPI has been pulled into the ongoing wave of AI supply‑chain attacks, with Microsoft warning that version 2.4.6 of the mistralai package was backdoored to silently deploy a credential‑stealing payload on Linux systems. The logic is designed to execute automati
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
Cybersecurity researchers have discovered three packages on the Python Package Index (PyPI) repository that are designed to stealthily deliver a previously unknown malware family called ZiChatBot on Windows and Linux systems. "While these wheel packages do implement the features described on th
Backdoored PyTorch Lightning package drops credential stealer
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services. [...]
April 2026
PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both
lightning PyPI Package Compromised in Supply Chain Attack
Socket detected a malicious supply chain attack on PyPI package lightning versions 2.6.2 and 2.6.3, which execute credential-stealing malware on import.
Top open source PyPI package with over 1 million downloads each month hacked to send out malware
This was not a case of stolen credentials, but rather of vulnerability exploitation.
Popular PyPI Package With 1 Million Monthly Downloads Hacked to Inject Malicious Scripts
A major software supply chain attack has compromised the popular Python package elementary-data, exposing thousands of developers to massive credential theft. Threat actors successfully pushed a malicious version, 0.23.3, to the Python Package Index (PyPI) and poisoned the matching Docker im
PyPI package with 1.1M monthly downloads hacked to push infostealer
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. [...]
Xinference PyPI Breach Exposes Developers to Cloud Credential Theft
A severe supply chain attack has compromised the popular Python package Xinference, exposing developers to massive data theft. Threat actors uploaded malicious versions of the tool to the Python Package Index (PyPI), embedding a heavily obfuscated infostealer into the code. Xinference has over 60
N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems. "The threat actor's packages were designed to impersonate legitimate developer tooling [...], while quietly functio
Trojanized PyPI AI Proxy Steals Claude Prompt, Exfiltrates Data
A malicious PyPI package, hermes-px, that masquerades as a “Secure AI Inference Proxy” while secretly stealing user prompts and abusing a private university AI service. Marketed as an OpenAI-compatible, Tor-routed proxy requiring no API keys, the package actually hijacks a Tunisian university’s i
PyPI Telnyx Python SDK Backdoored to Steal Credentials on Windows, macOS, and Linux
Telnyx Python SDK on PyPI, using a multi‑stage WAV steganography payload to steal credentials across Windows, macOS, and Linux systems. The backdoor lives in telnyx/_client.py and is triggered at module scope, so simply importing telnyx is enough to execute the payload before any application code
March 2026
Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
Also, EU probes Snapchat, RedLine suspect extradited, AstraZeneca leak claim surfaces, and more infosec in brief The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to pla
Major compromise of the telnyx PyPI library could put millions of users at risk
TeamPCP strikes again, with almost identical code to LiteLLM.
Telnyx Python SDK Backdoored on PyPI to Steal Cloud Credentials
The popular Telnyx Python SDK on PyPI to deploy a multi‑stage credential‑stealing operation that targets cloud infrastructure, Kubernetes clusters, and developer environments at scale. On March 27, 2026, TeamPCP uploaded two malicious Telnyx SDK releases, versions 4.87.1 and 4.87.2, directly to P
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. [...]
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March
TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack
Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group
From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI
The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$. The post From Trivy to Broad OSS Compromise: TeamPCP Hits
PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials
PyPI
Popular LiteLLM PyPI package compromised in TeamPCP supply chain attack
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. [...]
February 2026
Malicious npm and PyPI packages linked to Lazarus APT fake recruiter campaign
Researchers found malicious npm and PyPI packages tied to a fake recruitment campaign linked to North Korea’s Lazarus Group. ReversingLabs researcher uncovered new malicious packages on npm and PyPI connected to a fake job recruitment campaign attributed to the North Korea-linked Lazarus Group. The
Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group. The coordinated campaign has been codenamed graphalgo in reference
Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread Malware
Lazarus Group’s latest software supply chain operation is using fake recruiter lures and popular open‑source ecosystems to deliver malware to cryptocurrency‑focused developers quietly. The campaign, dubbed graphalgo, abuses GitHub, npm, and PyPI to hide multi‑stage payloads behind seemingly legit
Toolradar Research
See PyPI in context: The SaaS Press Index 2026
We analyzed 6,704 press mentions across 290 outlets to rank which SaaS tools win coverage. Find PyPI's position relative to the 488 most-covered tools.
Read the reportExplore PyPI
Press coverage is one signal. See the full picture.