JUST IN: SlowMist flags Shai-Hulud Hades, a PyPI-tied variant that auto-runs a .pth file, checks Bun, and deploys a multi-layer JS payload to steal credentials from GitHub, npm, AWS and other cloud services. This elevates credential‑teardown risk across dev ecosystems. https://t.co/CdAfpPzTN4