
Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Self-propagating worms named Miasma and Hades have compromised 100+ packages across NPM and PyPI repositories since May. These attacks steal credentials and API keys to propagate further, with confirmed impact to Red Hat's ecosystem and bioinformatics/ML packages. Any development team consuming these ecosystems faces credential theft and supply chain compromise risk.

CRITICAL | Advisory | Jun 10, 2026
Action required
Immediately audit your dependency manifests (package.json, requirements.txt, etc.) against the published IOC list. Revoke any NPM and PyPI credentials that may have been exposed, rotate API keys, and scan development machines for suspicious package installation activity in the past 6 months.
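One way to run the manifest audit described above, as an added example that is not part of the advisory. It goes slightly beyond package.json by reading package-lock.json, which records transitive dependencies and exact resolved versions. All package names, versions and IOC entries are constructed placeholders, and the function names are hypothetical.

```python
import json
import re

# Constructed placeholder IOCs as (ecosystem, name, version); NOT real indicators.
# Substitute the published IOC list; PyPI names are assumed stored PEP 503-normalised.
SAMPLE_IOCS = {
    ("npm", "example-compromised-pkg", "1.2.3"),
    ("npm", "@example-scope/tooling", "4.0.1"),
    ("pypi", "example-bio-lib", "0.9.1"),
}

def npm_lock_packages(lock_text):
    """Yield (name, version) for every entry of a package-lock.json (v2/v3),
    including transitive and nested dependencies."""
    for path, meta in json.loads(lock_text).get("packages", {}).items():
        if not path or "version" not in meta:
            continue  # "" is the root project; workspace links carry no version
        # "node_modules/a/node_modules/@s/b" -> "@s/b"
        yield path.rsplit("node_modules/", 1)[-1], meta["version"]

PIN_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*==\s*([^\s;]+)")

def pypi_pinned(req_text):
    """Yield (normalised name, version) for exact pins in requirements.txt."""
    for line in req_text.splitlines():
        m = PIN_RE.match(line.split("#", 1)[0].strip())
        if m:
            # PEP 503: names compare case-insensitively, runs of -_. are equal
            yield re.sub(r"[-_.]+", "-", m.group(1)).lower(), m.group(2)

def audit(lock_text, req_text, iocs):
    """Return the sorted (ecosystem, name, version) tuples that match the IOC set."""
    found = {("npm", n, v) for n, v in npm_lock_packages(lock_text)}
    found |= {("pypi", n, v) for n, v in pypi_pinned(req_text)}
    return sorted(found & set(iocs))

# Constructed sample inputs (not taken from any real project)
SAMPLE_LOCK = json.dumps({"lockfileVersion": 3, "packages": {
    "": {"name": "app", "version": "1.0.0"},
    "node_modules/left-ok": {"version": "2.0.0"},
    "node_modules/left-ok/node_modules/example-compromised-pkg": {"version": "1.2.3"},
    "node_modules/@example-scope/tooling": {"version": "4.0.0"},
}})
SAMPLE_REQS = "example-http==2.32.0\nExample_Bio.Lib[plot]==0.9.1  # pinned\nexample-array>=1.26\n"

if __name__ == "__main__":
    for hit in audit(SAMPLE_LOCK, SAMPLE_REQS, SAMPLE_IOCS):
        print("MATCH", *hit)
```

Unpinned requirements (ranges such as `>=`) are not resolved here; compare the output of the installed environment for those.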
Affected products
NPM, PyPI, Hybrid Cloud Console, Red Hat