Supply Chain
Jun 8, 2026
'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud
Hades campaign targets PyPI packages with malware, evolving supply chain threats.
Summary
A new campaign dubbed 'Hades' has targeted the Python Package Index (PyPI), compromising 37 wheels and 19 code packages. This ongoing attack demonstrates a persistent and evolving threat within the software supply chain, highlighting the risks associated with open-source dependencies.
Indicators of Compromise
- malware — Hades
Entities
- PyPI (product)
- software supply chain (technology)