BTC $62,238.58 -2.38%
ETH $1,773.16 -1.81%
BNB $566.63 -1.27%
XRP $1.06 -1.90%
SOL $74.80 -2.69%
TRX $0.3240 -2.21%
DOGE $0.0718 -1.17%
ADA $0.1570 -3.02%
BCH $236.22 -1.56%
LINK $7.87 -1.58%
HYPE $63.50 -5.56%
AAVE $94.31 -2.85%
SUI $0.7204 -2.10%
XLM $0.1802 -3.11%
ZEC $494.92 -7.23%
BTC $62,238.58 -2.38%
ETH $1,773.16 -1.81%
BNB $566.63 -1.27%
XRP $1.06 -1.90%
SOL $74.80 -2.69%
TRX $0.3240 -2.21%
DOGE $0.0718 -1.17%
ADA $0.1570 -3.02%
BCH $236.22 -1.56%
LINK $7.87 -1.58%
HYPE $63.50 -5.56%
AAVE $94.31 -2.85%
SUI $0.7204 -2.10%
XLM $0.1802 -3.11%
ZEC $494.92 -7.23%

Shai-Hulud Hades 新变种攻击 PyPI,利用 Python 到 Bun 跨运行时链窃取凭证

2026-06-12 20:57:59
收藏

ChainCatcher 消息,据慢雾披露,发现 Shai-Hulud Hades 新变种正在攻击 PyPI。恶意包会投放 .pth 文件,在 Python 启动时自动执行,并检测本地是否安装 Bun;若未安装,则从 GitHub Releases 下载官方 Bun 二进制文件,再执行多层混淆 JavaScript 载荷,用于窃取 GitHub、npm、AWS 及云服务凭证。

慢雾称,该变种与此前 Shai-Hulud 攻击使用相同 RSA 公钥和基础设施,并具备加密外传、持久化、CI/CD 注入及 GitHub Actions 注入等能力。

app_icon
ChainCatcher 与创新者共建Web3世界