Pypi

TeamPCP compromised the PyPi package durabletask (versions 1.4.1, 1.4.2, and 1.4.3), stealing credentials for AWS, Azure, GCP, K8s, and Vault, brute-forcing passwords from password managers, and exfiltrating shell history before propagating to up to 5 targets via AWS SSM and Kubernetes.

A malicious version of the guardrails-ai package (0.10.1) was published to PyPI on May 11, 2026, advising users who installed this version to downgrade and treat the host as potentially compromised, rotating credentials and auditing GitHub accounts, with Snowglobe and Guardrails Hub API keys being invalidated on May 13, 2026.

OpenAI was impacted by the TanStack supply chain attack, resulting in two employee devices being compromised and the exfiltration of credential material from internal source code repositories.

Multiple npm and PyPi packages, including OpenSearch pre-release packages, were compromised in a supply chain attack, potentially leading to arbitrary code execution on developer or user systems.

The Shai-Hulud malware was used in a large-scale software supply-chain attack compromising hundreds of packages across open-source software ecosystems by compromising developer secrets and CI/CD pipelines.

Compromised PyTorch Lightning PyPI packages versions 2.6.2 and 2.6.3 contain malicious code related to credential harvesting, requiring immediate credential rotation and system rebuilding.

The April 2026 Red Canary Intelligence Insights highlights the axios npm compromise, TeamPCP's LiteLLM compromise via PyPI, and a surge in Microsoft Teams phishing, leading to RAT deployment, credential harvesting, ransomware deployment, or data theft.

A threat actor compromised the PyPI package `telnyx`, uploading malicious versions 4.87.1 and 4.87.2 containing credential-stealing malware that exfiltrates data to a C2 server.

The TeamPCP threat actor compromised the Telnyx PyPI package, injecting credential-stealing malware hidden within WAV audio files to target Linux, macOS, and Windows systems.

Versions 1.82.7 and 1.82.8 of the Litellm package on PyPI were compromised in a supply chain attack, potentially impacting numerous users, with recommendations to avoid updating to these versions.