New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
AI disclosure
Summary
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to steal developer secrets. [...]