Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels
Blog post from Socket
The Socket Threat Research team has identified a new wave of supply chain attacks involving malicious PyPI packages that expand on the earlier Mini Shai-Hulud, Miasma, and Hades campaigns. This wave comprises 23 newly identified PyPI artifacts, including bioinformatics packages, typosquat-style packages, and AI-themed packages. The threat actors are rapidly evolving their tactics, employing diverse delivery mechanisms: .pth startup hooks (files in site-packages whose lines beginning with `import` the `site` module executes at every interpreter start), trojanized native extensions, and payload discovery across Python's sys.path. A notable variant, langchain-core-mcp, separates the loader from the payload, so neither artifact on its own looks complete and detection is harder. The campaign targets developer workstations and CI/CD environments to steal credentials and secrets. Because the tradecraft keeps adapting, defenders should focus on execution paths (what runs at interpreter start, at import, and at build time) and on credential exposure, backed by detection and response measures for those paths rather than for any one package name.
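The .pth startup hook is the easiest of the listed delivery mechanisms to audit, because the rule is fixed: `site.addpackage()` executes any .pth line that starts with `import ` or `import\t` and treats every other non-comment line as a path. The following scanner is an added example (not Socket's tooling and not from the analyzed packages) that walks the site-packages directories, extracts every executable .pth line, and attaches a constructed, non-exhaustive list of indicator substrings for triage. The file names, the indicator list, and the inert base64 payload in `demo()` are assumptions made for the example.

```python
"""Audit .pth files for executable lines (the .pth startup-hook mechanism).
Added example; not from the Socket report or the packages it describes."""
import base64
import site
import tempfile
from pathlib import Path

# site.addpackage() executes a .pth line only when it starts with one of
# these prefixes; every other non-comment line is appended to sys.path.
EXEC_PREFIXES = ("import ", "import\t")

# Assumed triage indicators: substrings that rarely belong in a legitimate
# editable-install or virtualenv hook. Not an exhaustive or authoritative list.
INDICATORS = ("exec(", "eval(", "base64", "compile(", "__import__",
              "subprocess", "urllib", "socket", "os.system", "marshal", "zlib")


def scan_pth_file(pth):
    """Return one finding per executable line in a single .pth file."""
    findings = []
    text = Path(pth).read_text(encoding="utf-8", errors="replace")
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.startswith(EXEC_PREFIXES):
            continue  # comment or path line: never executed by site
        findings.append({
            "file": str(pth),
            "line": lineno,
            "code": line,
            "indicators": [tok for tok in INDICATORS if tok in line],
        })
    return findings


def scan_dirs(dirs):
    """Scan every *.pth file directly inside each directory (site does not recurse)."""
    findings = []
    for d in dirs:
        d = Path(d)
        if not d.is_dir():
            continue
        for pth in sorted(d.glob("*.pth")):
            findings.extend(scan_pth_file(pth))
    return findings


def default_dirs():
    """The site-packages directories in which this interpreter processes .pth files."""
    dirs = list(site.getsitepackages())
    dirs.append(site.getusersitepackages())
    return dirs


def demo():
    """Constructed sample in a temp dir: one benign editable-install hook and one
    obfuscated hook of the shape described above. Nothing here is executed,
    because site only processes .pth files in site-packages at startup."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "editable_demo.pth").write_text(
            "# comment lines and path lines are never executed\n"
            "/opt/demo/src\n"
            "import __editable___demo_finder; __editable___demo_finder.install()\n"
        )
        # Constructed, inert payload: it would only print 'hello' if ever run.
        blob = base64.b64encode(b"print('hello')").decode()
        (root / "aaa_hook.pth").write_text(
            f"import base64,sys;exec(base64.b64decode('{blob}'))\n"
        )
        return scan_dirs([root])


if __name__ == "__main__":
    for f in scan_dirs(default_dirs()):
        flag = "SUSPECT" if f["indicators"] else "review"
        print(f"{flag}: {f['file']}:{f['line']}: {f['code']}")
```

An `import` line in a .pth file is not malicious by itself: setuptools editable installs and virtualenv ship such hooks, which is why the scanner reports every executable line and only decorates the ones that match an indicator. Run it inside the CI image or the developer virtualenv you are worried about, since each interpreter has its own site-packages, and treat any executable line whose package you cannot account for as something to read in full before the next interpreter start.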