vanemmerik.ai / SUPPLY-CHAIN
Supply Chain · Watch Sunday · 07 June 2026 · End-of-day synthesis · 4 watches · 1 item

From the watchtower — what crossed the wire today.

A four-times-a-day standing watch on the open-source supply chain. Each pass pulls newly disclosed CVEs, freshly catalogued KEV adds, and active attacks reported in the wild — then ranks them by severity for the day.

The story of the day — The disclosure feeds went silent for the weekend, leaving one story standing: Miasma opened a Python propagation arm — 37 malicious PyPI wheels that execute on interpreter start, no import required.

Sundays run quiet on the disclosure feeds, and this one was nearly silent: no new GHSA advisories cleared the window, no fresh KEV additions, and only one story carried the day. But that one story is the right one to spend the whole page on.

Socket caught the Shai-Hulud/Miasma lineage opening a Python propagation arm: 37 malicious wheels across 19 PyPI packages that plant a *-setup.pth startup hook — code that runs every time the interpreter starts, whether or not the package is ever imported — then bootstrap the Bun runtime to run the same credential stealer that walked through Red Hat's npm packages and Microsoft's GitHub orgs this week. The .pth hook is PyPI's answer to npm's postinstall, and its appearance here ends any remaining comfort that this campaign was an npm problem. The weekend quiet cuts both ways: fewer disclosures to triage, but also fewer eyes on CI logs while a worm spreads into a fresh ecosystem. The bright spot is detection speed — Socket published the same day the wheels landed, so the package list exists before Monday's install traffic does.

→ Operational priority for the night: audit site-packages on developer machines and CI images for unexpected *-setup.pth files, diff anything installed since Friday against Socket's package list, and rotate GitHub, npm, PyPI, and cloud credentials on any host that pulled a tainted wheel — before Monday's pipelines start.

06:00 ET · Morning Watch

Miasma crosses into PyPI: 37 malicious wheels across 19 packages drop a Bun-based credential stealer via .pth startup hooks

Socket caught the Shai-Hulud/Miasma lineage jumping ecosystems: 37 malicious wheel artifacts across 19 PyPI packages carry a *-setup.pth startup hook that executes on interpreter start — no import of the package required — then pulls the Bun runtime from GitHub and runs an obfuscated _index.js stealer targeting GitHub, npm, PyPI, AWS, GCP, Azure, Kubernetes, Vault, SSH and Docker credentials, exfiltrating to attacker-controlled GitHub repos tagged 'Hades - The End for the Damned'. The .pth vector is PyPI's answer to npm's postinstall, and the Bun bootstrap is the same cross-runtime TTP that walked Miasma through Red Hat's npm packages and Microsoft's GitHub orgs this week — treat this as the same campaign, now with a Python propagation arm. Audit site-packages for unexpected *-setup.pth files, check whether anything you installed in the last 48 hours is on Socket's package list (early coverage names a compromised lightning/PyTorch Lightning release), and rotate developer and CI credentials on any machine that installed a tainted wheel.
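As an added example, not from Socket's report or any tool named on this page: a Python audit that performs the site-packages check called for in the operational priority above and in this 06:00 ET item. It leans on a documented behaviour of CPython's `site` module: when a `.pth` file is processed at interpreter start, any line that begins with `import ` (or `import` followed by a tab) is passed to `exec()`, and every other non-comment line is treated as a path entry. That exec line is the startup vector the page describes, so the audit keys on exactly those lines rather than on filenames alone. The `*-setup.pth` naming pattern comes from the page; the suspicious-token list and the sample files written by `demo_audit()` are constructed for the example.

```python
"""Audit the running interpreter's site directories for .pth files that
execute code at startup.

Constructed example for this watch page (not Socket's or PyPI's tooling).
CPython's site.py exec()s every .pth line starting with "import " or
"import\t"; all other non-comment lines are added to sys.path. The audit
reports each executable line so the analyst can review it.
"""
import os
import site
import sys
import tempfile
from pathlib import Path

# Substrings that rarely appear in a legitimate .pth import line
# (constructed heuristic list; legitimate import lines are mostly
# setuptools' distutils-precedence.pth and editable-install finders).
SUSPICIOUS_TOKENS = ("exec(", "eval(", "base64", "subprocess", "os.system",
                     "urllib", "requests", "socket", "compile(", "__import__")

# Filename pattern named in the report for the malicious startup hook.
SETUP_HOOK_SUFFIX = "-setup.pth"


def parse_pth(text):
    """Classify .pth lines the way site.py does: (path_lines, import_lines)."""
    paths, imports = [], []
    for raw in text.splitlines():
        line = raw.rstrip("\r\n")
        if not line.strip() or line.startswith("#"):
            continue  # blank or comment: ignored by site.py
        if line.startswith(("import ", "import\t")):
            imports.append(line)  # exec()'d at interpreter start
        else:
            paths.append(line)  # appended to sys.path
    return paths, imports


def audit_pth_dir(directory):
    """Scan one site directory and return a list of finding dicts."""
    findings = []
    for pth in sorted(Path(directory).glob("*.pth")):
        try:
            text = pth.read_text(encoding="utf-8", errors="replace")
        except OSError:
            continue  # unreadable file: skip rather than abort the audit
        _, imports = parse_pth(text)
        is_setup_hook = pth.name.endswith(SETUP_HOOK_SUFFIX)
        for line in imports:
            hits = [t for t in SUSPICIOUS_TOKENS if t in line]
            findings.append({
                "file": str(pth),
                "line": line,
                "setup_hook": is_setup_hook,
                "tokens": hits,
                # Any exec line deserves a look; token hits or the reported
                # filename pattern escalate it.
                "severity": "high" if (hits or is_setup_hook) else "review",
            })
    return findings


def site_dirs():
    """Site directories the current interpreter actually processes."""
    dirs = list(site.getsitepackages()) if hasattr(site, "getsitepackages") else []
    dirs.append(site.getusersitepackages())
    return [d for d in dict.fromkeys(dirs) if os.path.isdir(d)]


def demo_audit():
    """Constructed sample input: one benign path entry, one '-setup.pth'
    hook whose import line only echoes text. Returns the findings."""
    tmp = tempfile.mkdtemp(prefix="pth-audit-demo-")
    Path(tmp, "editable-proj.pth").write_text("/opt/src/proj\n", encoding="utf-8")
    Path(tmp, "somepkg-setup.pth").write_text(
        "import os; os.system('echo constructed sample hook')\n", encoding="utf-8")
    return audit_pth_dir(tmp)


def main():
    findings = []
    for d in site_dirs():
        findings.extend(audit_pth_dir(d))
    for f in findings:
        print(f"[{f['severity']}] {f['file']}: {f['line'][:120]}")
    print(f"{len(findings)} executable .pth line(s) found")
    # Non-zero exit lets a CI step fail on a high-severity finding.
    return 1 if any(f["severity"] == "high" for f in findings) else 0


if __name__ == "__main__":
    sys.exit(main())
```

Run it with the interpreter you want audited (`python3 audit_pth.py`), and repeat under each virtualenv and CI image interpreter, since site directories differ per interpreter. Expect some "review" findings on clean systems: setuptools ships `distutils-precedence.pth` with an import line, and its editable installs use `.pth` import hooks as well, so treat those as items to confirm, not to delete automatically. A "high" finding (suspicious tokens, or the `*-setup.pth` name from the report) on a host that installed anything since Friday is the trigger for the credential rotation the page calls for.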