#PyPI
5 stories taggedPyPI.

Fake Paysafe and Skrill SDKs on npm and PyPI Went After Developers' Secrets
A single attacker uploaded 17 lookalike payment packages that quietly stole API keys, cloud credentials and GitHub tokens from anyone who installed them.

HalluSquatting: When AI Coding Helpers Invent Fake Software, Criminals Register It First
Researchers show how attackers can predict the fake package names AI assistants make up, then publish real malware under those names, waiting for developers to install the trap.

Hades Hits PyPI: 37 Poisoned Wheels Auto-Exec via .pth Trick
A fresh splinter of the Miasma supply-chain campaign abuses Python's site-packages path hook to fire on import — and goes hunting for Bun credentials.

TrapDoor: The Supply Chain Campaign That Wants Your Whole Dev Environment, Not Just Your Secrets
A cross-registry malware campaign hitting npm, PyPI, and Crates.io is going after CI/CD pipelines, SSH trust chains, and AI coding assistant files — not just credentials on install.

TrapDoor Campaign Plants Credential Stealers Across npm, PyPI, and Crates.io
A coordinated operation seeded 34+ malicious packages across three registries since May 2026. If you ship code, this one is sitting in your dependency tree right now.