—

MAL-2026-3607

Malicious code in guardrails-ai (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: google-open-source-security (5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5) This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor.

The package will steal credentials and then propogate it to every package it has access to. The package also attempts to remain persistent.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / guardrails-ai

No fixed version published yet for guardrails-ai (pip). Pin to a known-safe version or switch to an alternative.

References

https://www.aikido.dev/blog/mini-shai-hulud-is-back-tanstack-compromised [ARTICLE]
https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem [ARTICLE]
https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack [ARTICLE]
https://tanstack.com/blog/npm-supply-chain-compromise-postmortem [ARTICLE]
https://snyk.io/blog/tanstack-npm-packages-compromised/ [ARTICLE]