
Lightning PyPI Compromise: Bun-Based Stealer
Cybersecurity, Malware, Supply Chain Attack, Data Theft, PyPI, Python, Credential Theft, Cryptocurrency
A recent security incident involved a malicious package on the Python Package Index (PyPI) named "lightning," which contained a credential-stealing payload. The malware was built using Bun, a JavaScript runtime, and targeted sensitive data such as browser credentials and cryptocurrency wallet information. The compromised package was identified and reported by security researchers.