—
PYSEC-2026-1070
Malicious code in langchain-core-mcp (PyPI)
상세
Part of the "Hades" wave of the Shai-Hulud supply-chain campaign. On 2026-06-08, malicious phantom releases of langchain-core-mcp were published to PyPI using stolen credentials. The package executes a bundled JavaScript payload (via the Bun runtime) on import that harvests and exfiltrates credentials and attempts self-propagation. This entry is a summary; behavior may not be fully characterized here. See the linked references for detailed analysis and indicators of compromise.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
PyPI / langchain-core-mcp
No fixed version published yet for langchain-core-mcp (pip). Pin to a known-safe version or switch to an alternative.
참고
- https://inspector.pypi.io/project/langchain-core-mcp/1.4.3/packages/51/de/fc5e079bf959bc729044aa0bf8139e87567689d59ee9611ed2a5929ef77a/langchain_core_mcp-1.4.3-py3-none-any.whl/langchain_core-setup.pth [EVIDENCE]
- https://www.endorlabs.com/learn/shai-hulud-hades-wave-hits-six-pypi-bioinformatics-packages [ARTICLE]
- https://www.stepsecurity.io/blog/the-hades-campaign-pypi-packages [ARTICLE]