Pythagora gpt-pilot GitHub Compromise
ConfirmedDiscovered Jun 17, 2026
An attacker hijacked a Pythagora co-founder's GitHub account, force-pushed a Shai-Hulud credential-stealer to gpt-pilot's main branch, and lost the payload twice to ruff lint failures before any public downstream execution was shown.
1
Affected Packages
2
Observables
2
Sources
Timeline
| Date | Event | Description | Source |
|---|---|---|---|
| Jun 17, 2026 | Fresh source review | Reviewed direct and primary sources for the last-two-weeks supply-chain refresh; this preview intentionally excludes older Halting Problems article data. | Primary research |
Affected Software
| Package | Ecosystem | Version Range | Status | Confidence | Source |
|---|---|---|---|---|---|
| No rows match the active filters. | |||||
IOC Clipboard
2 IOCshash
53154df1c66b42021f230c3fb6ef797c4b7c3e83hash
90f59f5de6819a43ffe9b6272e3ed65aaadca804Provenance & Sources
| Source | Type | Reliability | Claims | Evidence |
|---|---|---|---|---|
| Primary research | primary research | 95% | 1 | https://www.stepsecurity.io/blog/pythagora-io-gpt-pilot-compromised-on-github-shai-hulud-credential-stealer-blocked-by-python-linter |
| Primary research | primary research | 95% | 1 | https://github.com/Pythagora-io/gpt-pilot/issues/1182 |