Lightning PyPI router_runtime.js credential-stealing payload
Malware Activity
Summary
Hide ▲
Show ▼
The Lightning PyPI package was pushed in malicious versions 2.6.2 and 2.6.3 on April 30, 2026, turning a normal install into credential theft for developer and CI/CD environments. The builds automatically ran `start.py`, fetched the Bun runtime, and executed the obfuscated router_runtime.js payload. The malware harvested secrets including GitHub tokens, npm tokens, SSH keys, and cloud credentials, then tried to exfiltrate them to zero.masscan[.]cloud:443/v1/telemetry. It also used stolen tokens to write poisoned commits and republish tampered packages, extending the risk into downstream ecosystems.
Related Happenings
Operation Navy Ghost PyPI supply-chain campaign
Campaign
H score26
First: 01.07.2026 00:02
Last: 01.07.2026 00:02
Sources 1
About this happening:
The **Operation Navy Ghost** campaign has targeted **Python developers** building **Telegram bots** through trojanized **Pyrogram forks**, creating a supply-chain path to compromi...
Operation Navy Ghost PyPI supply-chain campaign
CampaignAbout this happening: The **Operation Navy Ghost** campaign has targeted **Python developers** building **Telegram bots** through trojanized **Pyrogram forks**, creating a supply-chain path to compromi...
Deps credential stealer in hijacked Arch AUR builds
Malware Activity
H score3
First: 12.06.2026 22:24
Last: 12.06.2026 22:24
Sources 1
About this happening:
**Atomic Arch** is a **malware activity** that hijacked **more than 400 Arch User Repository (AUR) packages** on or after **June 11** and rewrote their build scripts to run **npm...
Deps credential stealer in hijacked Arch AUR builds
Malware ActivityAbout this happening: **Atomic Arch** is a **malware activity** that hijacked **more than 400 Arch User Repository (AUR) packages** on or after **June 11** and rewrote their build scripts to run **npm...
Atomic-lockfile rootkit-infostealer distribution through AUR packages
Malware Activity
H score3
First: 12.06.2026 20:03
Last: 12.06.2026 20:03
Sources 1
About this happening:
**AUR packages** are distributing the **atomic-lockfile** **Linux rootkit and infostealer** through compromised build scripts, with **more than 400 packages** reported and the **o...
Atomic-lockfile rootkit-infostealer distribution through AUR packages
Malware ActivityAbout this happening: **AUR packages** are distributing the **atomic-lockfile** **Linux rootkit and infostealer** through compromised build scripts, with **more than 400 packages** reported and the **o...
AUR package-hijacking campaign delivering atomic-lockfile
Campaign
H score11
First: 12.06.2026 20:03
Last: 12.06.2026 20:03
Sources 1
About this happening:
**AUR package-hijacking campaign** is abusing **more than 400** compromised **Arch User Repository (AUR)** packages to deliver **atomic-lockfile**, turning the **AUR** build path...
AUR package-hijacking campaign delivering atomic-lockfile
CampaignAbout this happening: **AUR package-hijacking campaign** is abusing **more than 400** compromised **Arch User Repository (AUR)** packages to deliver **atomic-lockfile**, turning the **AUR** build path...
Shai-Hulud PyPI supply-chain malware activity
Malware Activity
H score22
First: 08.06.2026 23:41
Last: 08.06.2026 23:41
Sources 1
About this happening:
The **Shai-Hulud** supply-chain malware compromised **19 PyPI packages**, turning routine installs into secret-stealing execution and putting **developer credentials** at risk. Th...
Shai-Hulud PyPI supply-chain malware activity
Malware ActivityAbout this happening: The **Shai-Hulud** supply-chain malware compromised **19 PyPI packages**, turning routine installs into secret-stealing execution and putting **developer credentials** at risk. Th...
Timeline
-
04.05.2026 20:15 1 articles · 2mo ago
Microsoft Defender detects ShaiWorm in Lightning customer environments
Detection Ioc UpdateMicrosoft Threat Intelligence says Defender detected and prevented the malicious `lightning==2.6.3` routine in customer environments, notified the Lightning maintainer, and warned that users who ran `import lightning` may need to rotate exposed secrets, keys, and tokens.
Show sources
- Backdoored PyTorch Lightning package drops credential stealer — www.bleepingcomputer.com — 04.05.2026 20:15
-
30.04.2026 19:31 1 articles · 2mo ago
Lightning 2.6.2 and 2.6.3 published with credential theft
Initial DisclosureMalicious Lightning package versions 2.6.2 and 2.6.3 were published on April 30, 2026 and delivered credential-theft code to developers and CI/CD users who installed them. Multiple security teams identified the releases as part of a software supply chain compromise and described the builds as consistent with credential harvesting.
Show sources
- PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials — thehackernews.com — 30.04.2026 19:31
-
30.04.2026 19:31 1 articles · 2mo ago
Lightning payload auto-runs and steals developer secrets
Technical Analysis UpdateThe malicious Lightning package included a hidden `_runtime` directory, a `start.py` launcher, and an obfuscated `router_runtime.js` payload that executed automatically when the `lightning` module was imported. The chain downloaded the Bun JavaScript runtime, harvested GitHub tokens, validated them against `api.github[.]com/user`, encrypted stolen data, and used the access to write worm-like commits and repack tampered npm packages.
Show sources
- PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials — thehackernews.com — 30.04.2026 19:31
-
30.04.2026 19:31 1 articles · 2mo ago
PyPI quarantines Lightning and removes the malicious releases
Mitigation Patch UpdatePyPI quarantined the Lightning project, later removed versions 2.6.2 and 2.6.3, and left 2.6.1 as the last known clean release. Maintainers said the malicious versions were live for 42 minutes and advised removing the affected releases from developer systems, downgrading to 2.6.1, and rotating exposed credentials.
Show sources
- PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials — thehackernews.com — 30.04.2026 19:31