🤖 AI Summary
On June 8, 2026, the GitHub account of a co-founder of Pythagora-io/gpt-pilot, an open-source AI development tool, was compromised and used to introduce a credential-stealing payload into the project. The malware, a variant of the Shai-Hulud worm, was designed to harvest sensitive credentials from several platforms, including AWS and GitHub. What makes the attack notable is its targeted approach and its tradecraft: it used GitHub commit messages as a covert command-and-control channel, so the attacker's traffic blended in with ordinary developer activity.
The Python code formatter and linter ruff played a pivotal role in thwarting the attack: its strict formatting and linting rules, enforced in the project's checks, flagged the injected code, so the attacker's attempt to slip the payload in unnoticed failed. The way the malware was deployed, and the fact that it was routine code-quality checks that exposed it, highlight how much robust CI/CD practices matter for security. The incident reflects broader weaknesses in open-source projects and the growing sophistication of supply-chain attacks, and it has raised alarm in the AI/ML community about protecting developer tools and workflows against similar threats.