Mini Shai-Hulud/Miasma/Hades is now targeting bioinformatics and MCP developers in a newer PyPI wave.
We found 23 newly compromised PyPI artifacts using multiple execution paths, plus a fake prompt-injection header likely meant to interfere with LLM-based malware triage:
socket.dev/blog/mini-sh...
Newer packages in this compromise use native extensions and .pth loaders to execute JavaScript stealers in developer environments.
