
PyPI publishing tokens and secrets stolen in GhostAction campaign

Category: Data Leak
Happening score: 26
1 unique source, 1 article

Summary


A GhostAction supply-chain compromise exposed PyPI publishing tokens and other secrets, creating immediate risk for maintainer credentials and API access. PyPI invalidated the affected tokens after the theft was confirmed, and investigators said the tokens did not appear to have been used to publish malware. The stolen material spanned npm, DockerHub, GitHub, Cloudflare, AWS, and database credentials.

Related Happenings

Mini Shai-Hulud supply-chain campaign targeting npm and PyPI

Campaign
First: 12.05.2026 17:45 · Last: 12.05.2026 17:45 · Sources: 1

About this happening: The **Mini Shai-Hulud** **supply-chain campaign** linked to **TeamPCP** expanded into downstream victim reporting, including **Grafana Labs**. Grafana said its **GitHub environmen...

Latest development: 21.05.2026 11:00

Grafana Labs said its GitHub environment was accessed and its codebase downloaded, with additional internal operational information taken from GitHub repositories, after compromise linked to the Mini Shai-Hulud campaign and TanStack npm packages. Grafana said it first spotted malicious activity on May 11, discovered the unauthorized download on May 17, and after contact from the ransom gang rotated automation tokens, enabled enhanced monitoring, audited commits since the May 11 incident, and hardened its GitHub security posture, while saying there is no indication customer production systems or operations were compromised.

Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials

Campaign
First: 12.05.2026 14:29 · Last: 12.05.2026 14:29 · Sources: 1

About this happening: The **Shai-Hulud** **supply-chain campaign** remains active across **npm**, **PyPI**, and **Composer**, with the latest reporting tying **TeamPCP** to both a claimed **GitHub inte...

Mini Shai-Hulud npm supply-chain malware wave

Malware Activity
First: 12.05.2026 14:07 · Last: 12.05.2026 14:07 · Sources: 1

About this happening: The **Sha1-Hulud** npm supply-chain campaign is a fresh **second wave** of **Shai-Hulud**-style activity that has compromised **hundreds of npm packages**. The malware runs during...

Lightning PyPI router_runtime.js credential-stealing payload

Malware Activity
First: 30.04.2026 19:31 · Last: 30.04.2026 19:31 · Sources: 1

About this happening: The **Lightning** PyPI package was pushed in **malicious versions 2.6.2 and 2.6.3** on **April 30, 2026**, turning a normal install into **credential theft** for **developer and C...

Latest development: 04.05.2026 20:15

Microsoft Threat Intelligence says Defender detected and prevented the malicious `lightning==2.6.3` routine in customer environments, notified the Lightning maintainer, and warned that users who ran `import lightning` may need to rotate exposed secrets, keys, and tokens.

Mini Shai-Hulud SAP-related npm supply-chain campaign

Campaign
First: 29.04.2026 19:26 · Last: 29.04.2026 19:26 · Sources: 1

About this happening: A new **Mini Shai-Hulud** supply-chain campaign is targeting **SAP-related npm packages**, putting **developer and CI/CD environments** at risk of credential theft and malicious p...

Latest development: 12.05.2026 11:50

Mini Shai-Hulud expands beyond the original SAP-related npm packages to compromise TanStack, UiPath, Mistral AI, OpenSearch, Guardrails AI, and DraftLab packages across npm and PyPI, with malicious payloads using router_init.js, GitHub Actions abuse, and exfiltration to filev2.getsession[.]org, api.masscan[.]cloud, or attacker-controlled GitHub repositories.

Timeline

  1. 18.09.2025 16:09 · 1 article · 8mo ago

    PyPI response is delayed until September 10

    Tags: Detection · IoC · Update

    A GitGuardian researcher's follow-up email with additional findings landed in spam, delaying PyPI Security's incident response until September 10 after the malicious GitHub Actions secret-exfiltration activity had been reported.

  2. 18.09.2025 16:09 · 1 article · 8mo ago

    PyPI invalidates stolen tokens and advises Trusted Publishers

    Tags: Mitigation · Patch · Update

    After confirming that no PyPI accounts had been compromised, PyPI's Mike Fiedler contacted maintainers of affected projects on September 15, told them their tokens had been invalidated, and recommended replacing long-lived GitHub Actions tokens with short-lived Trusted Publishers tokens.

  3. 18.09.2025 16:09 · 2 articles · 8mo ago

    PyPI says stolen tokens were not used on PyPI

    Tags: Victim Impact · Update

    The Python Software Foundation said it had invalidated all PyPI tokens stolen in the GhostAction supply-chain attack and found no evidence that the threat actors used them to publish malware on PyPI.

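The mitigation PyPI recommended in the timeline above, replacing a long-lived API token stored as a GitHub Actions secret with short-lived Trusted Publishing credentials, looks like this in a workflow file. This is an added example written for this page, not a workflow from PyPI, GitGuardian or any affected project; the repository, the `pypi` environment name, the release trigger and the Python version are assumptions, and the `pypa/gh-action-pypi-publish` action and the `id-token: write` permission are the real mechanism Trusted Publishing relies on. The commented-out step shows the weak pattern the campaign abused beside the corrected one.

```yaml
# Added example (not from the page): publishing to PyPI via Trusted Publishing
# instead of a long-lived PYPI_API_TOKEN secret.
name: Publish to PyPI

on:
  release:
    types: [published]   # assumption: publish only on a GitHub release

jobs:
  publish:
    runs-on: ubuntu-latest
    # Assumption: a GitHub environment named "pypi" is what was registered as the
    # trusted publisher for this project on PyPI (repository owner/name, workflow
    # file name and environment name must all match what PyPI was told).
    environment: pypi
    permissions:
      contents: read
      id-token: write    # lets the job request a short-lived OIDC token from GitHub

    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"   # constructed value

      - name: Build sdist and wheel
        run: |
          python -m pip install --upgrade build
          python -m build

      # WEAK (what the stolen-token incident exposed): a long-lived API token kept
      # as a repository secret. Any workflow that can read secrets, including an
      # injected malicious step, can exfiltrate it and reuse it later.
      #
      # - uses: pypa/gh-action-pypi-publish@release/v1
      #   with:
      #     password: ${{ secrets.PYPI_API_TOKEN }}

      # CORRECTED: no password input at all. The action exchanges the job's OIDC
      # identity token for a PyPI token that is minted for this run and expires
      # shortly afterwards, so there is no reusable credential to steal.
      - uses: pypa/gh-action-pypi-publish@release/v1
```

With the corrected step, a secret-exfiltration payload of the kind described on this page finds no PyPI publishing token in the repository's secrets; the only credential that exists is minted during the run, bound to this repository, workflow and environment, and invalid once it expires. Deleting the old `PYPI_API_TOKEN` secret after switching, and removing the matching token on PyPI, is what actually closes the window.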