{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihvd7yx7meoeddlcyaszlbtyrps2zehr36lke2gvdarximq26ir4u",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mnu6j44pids2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreicmrx3zd4jtzwy2rst56gj2lwonzreotclo4jcuar2guwvv2lfime"
    },
    "mimeType": "image/png",
    "size": 246261
  },
  "path": "/2026/06/hades-pypi-attack-19-packages-poisoned.html",
  "publishedAt": "2026-06-09T09:13:32.000Z",
  "site": "https://thehackernews.com",
  "textContent": "The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems.\n\n\"The compromised releases shipped a *-setup.pth file that attempts to execute automatically",
  "title": "Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer"
}