FILTERING BY: CLEAR FILTER

Hades Malware Campaign: AI-Driven Evasion in PyPI, npm, and RubyGems

The Hades campaign is a cross-registry supply chain attack targeting PyPI, npm, and RubyGems via the leaked Miasma toolkit. Attackers deploy malicious wheel artifacts and setup.pth files to exfiltrate CI/CD credentials and environment variables. The campaign utilizes an "AI Safety-Evasion Paradox," injecting terminology related to biological and nuclear weaponry into the codebase. This triggers safety guardrails in AI-based security scanners, forcing the models to terminate analysis to avoid policy violations, thereby creating a blind spot that allows the malicious payload to bypass detection. Impact includes 19 poisoned PyPI packages and approximately 304 affected software components across 73 GitHub repositories.


LINK COPIED TO CLIPBOARD