PyTorch Lightning hit by network compromise
Incident
Summary
Hide ▲
Show ▼
A malicious PyTorch Lightning release on PyPI created a supply-chain compromise that can steal credentials as soon as the package is imported. The backdoored version 2.6.3 uses a hidden execution chain to download Bun v1.3.13 and run an obfuscated payload. That payload targets .env files, browser-stored secrets, and AWS, Azure, and GCP credentials, putting developer and cloud accounts at risk. Microsoft Threat Intelligence says Defender detected and blocked the activity on a small number of devices, and the package was reverted to 2.6.1.
Related Happenings
Atomic-lockfile rootkit-infostealer distribution through AUR packages
Malware Activity
H score3
First: 12.06.2026 20:03
Last: 12.06.2026 20:03
Sources 1
About this happening:
**AUR packages** are distributing the **atomic-lockfile** **Linux rootkit and infostealer** through compromised build scripts, with **more than 400 packages** reported and the **o...
Atomic-lockfile rootkit-infostealer distribution through AUR packages
Malware ActivityAbout this happening: **AUR packages** are distributing the **atomic-lockfile** **Linux rootkit and infostealer** through compromised build scripts, with **more than 400 packages** reported and the **o...
Shai-Hulud worm clone activity on NPM
Malware Activity
H score69
First: 18.05.2026 12:45
Last: 18.05.2026 12:45
Sources 1
About this happening:
The **Shai-Hulud** malware activity has continued to evolve across the **npm supply chain** and related developer ecosystems. It first infected **npm packages** in **September 202...
Shai-Hulud worm clone activity on NPM
Malware ActivityAbout this happening: The **Shai-Hulud** malware activity has continued to evolve across the **npm supply chain** and related developer ecosystems. It first infected **npm packages** in **September 202...
Node-ipc malicious versions with stealer/backdoor payload
Malware Activity
H score34
First: 14.05.2026 20:22
Last: 14.05.2026 20:22
Sources 1
About this happening:
Three **node-ipc** releases now carry an **obfuscated stealer/backdoor** that can harvest **developer and cloud secrets** from any system that loads the package. The malicious cod...
Node-ipc malicious versions with stealer/backdoor payload
Malware ActivityAbout this happening: Three **node-ipc** releases now carry an **obfuscated stealer/backdoor** that can harvest **developer and cloud secrets** from any system that loads the package. The malicious cod...
Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
Campaign
H score56
First: 12.05.2026 14:29
Last: 12.05.2026 14:29
Sources 1
About this happening:
The **Shai-Hulud** **supply-chain campaign** now includes a fresh **PyPI** wave that compromised **19 packages** across **37 malicious releases**, with popular bioinformatics tool...
Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
CampaignAbout this happening: The **Shai-Hulud** **supply-chain campaign** now includes a fresh **PyPI** wave that compromised **19 packages** across **37 malicious releases**, with popular bioinformatics tool...
Mini Shai-Hulud npm supply-chain malware wave
Malware Activity
H score68
First: 12.05.2026 14:07
Last: 12.05.2026 14:07
Sources 1
About this happening:
The **Mini Shai-Hulud** npm **malware activity** now includes the **Miasma** variant affecting **Microsoft GitHub repositories** in a self-replicating **supply-chain campaign**. O...
Mini Shai-Hulud npm supply-chain malware wave
Malware ActivityAbout this happening: The **Mini Shai-Hulud** npm **malware activity** now includes the **Miasma** variant affecting **Microsoft GitHub repositories** in a self-replicating **supply-chain campaign**. O...
Latest development: 09.06.2026 18:42
On June 5, Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub after concerns about potential malicious content tied to the Miasma/Shai-Hulud supply-chain campaign. The action disrupted continuous integration pipelines and broke workflows that depended on Azure/functions-action, while Microsoft said it temporarily removed some repositories during its investigation.
Timeline
-
04.05.2026 20:15 2 articles · 2mo ago
Lightning AI discloses malicious PyTorch Lightning 2.6.3
Initial DisclosureLightning AI discloses that PyTorch Lightning 2.6.3 on PyPI contains a hidden execution chain that triggers on import, downloads a JavaScript runtime, and runs an obfuscated payload tied to credential theft from browsers, .env files, and cloud services.
Show sources
- Backdoored PyTorch Lightning package drops credential stealer — www.bleepingcomputer.com — 04.05.2026 20:15
- Backdoored PyTorch Lightning package drops credential stealer — www.bleepingcomputer.com — 04.05.2026 20:15
-
04.05.2026 20:15 1 articles · 2mo ago
Microsoft Defender detects and blocks ShaiWorm on customer devices
Detection Ioc UpdateMicrosoft Threat Intelligence reports that Defender detected and prevented the malicious PyTorch Lightning routine in customer environments, notified the maintainer, and observed activity affecting a small number of devices in a narrow set of environments.
Show sources
- Backdoored PyTorch Lightning package drops credential stealer — www.bleepingcomputer.com — 04.05.2026 20:15
-
04.05.2026 20:15 1 articles · 2mo ago
PyTorch Lightning reverts package to 2.6.1 on PyPI
Mitigation Patch UpdatePyTorch Lightning has been reverted to 2.6.1 on PyPI, which is described as safe to use, while users who imported 2.6.3 are advised to rotate all secrets, keys, and tokens that may have been exposed.
Show sources
- Backdoored PyTorch Lightning package drops credential stealer — www.bleepingcomputer.com — 04.05.2026 20:15