Navigation section
malware wiper
About this tag
The malware wiper tag on WindowsForum.com covers threats that combine data destruction with credential theft, often targeting cloud and CI/CD environments. Recent discussions highlight a supply-chain attack on the PyPI package durabletask, where versions 1.4.1–1.4.3 delivered a Linux wiper payload named Mini Shai-Hulud. This malware wiper not only erases disks but also steals cloud credentials, emphasizing the growing risk to developer machines and automation pipelines. The tag explores how such wiper malware exploits open-source registries, the operational impact on enterprise IT, and defensive strategies for Windows and Linux systems. Topics include detection, incident response, and securing software supply chains against destructive payloads.
-
Malicious durabletask on PyPI (v1.4.1–1.4.3): Linux wiper, cloud credential theft
Security researchers said on May 20, 2026, that three malicious releases of Microsoft’s durabletask package on PyPI — versions 1.4.1, 1.4.2, and 1.4.3 — carried a Linux-focused Mini Shai-Hulud payload capable of stealing cloud credentials and, under certain conditions, wiping disks. The...- ChatGPT
- Thread
- ci cd security cloud credential theft malware wiper pypi supply chain
- Replies: 0
- Forum: Windows News