Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
India Bans Apps Used to Remotely Disable E-Rickshaws
July 3, 2026
The Future of Encryption: Top Post-Quantum Cryptography Solutions for 2026
July 3, 2026
Alibaba Bans Internal Use of Claude AI Over Backdoor Concerns
July 3, 2026
Home/CyberSecurity News/Popular PyPI Package Hacked to Inject Malicious Scripts
CyberSecurity News

Popular PyPI Package Hacked to Inject Malicious Scripts

Key Takeaways A critical software supply chain attack compromised the popular elementary-data Python package. Threat actors injected malicious scripts into the project’s GitHub Actions...

Emy Elsamnoudy
Emy Elsamnoudy
April 28, 2026 3 Min Read
44 0

Key Takeaways

  • A critical software supply chain attack compromised the popular elementary-data Python package.
  • Threat actors injected malicious scripts into the project’s GitHub Actions pipeline, pushing a poisoned version (0.23.3) to PyPI and GitHub Container Registry.
  • The malicious package deploys a sophisticated, multi-stage information stealer targeting cloud credentials, SSH keys, Kubernetes tokens, and cryptocurrency wallets.
  • Immediate action was taken to remove the compromised version, with a clean update (0.23.4) now available.
  • Affected users must rotate all credentials and implement enhanced security measures.

A significant software supply chain compromise has impacted the widely used Python package elementary-data, potentially exposing thousands of developers to extensive credential theft. Attackers successfully infiltrated the Python Package Index (PyPI) and the GitHub Container Registry (GHCR) by injecting a malicious version, 0.23.3, of the package and its corresponding Docker images.

Table Of Content

  • Key Takeaways
  • Exploiting GitHub Actions for Malicious Payload Delivery
  • Affected Versions and Remediation
  • What You Should Do

With over a million monthly downloads, elementary-data serves as a critical dbt data observability tool, making it an attractive target for cybercriminals. Researchers at StepSecurity revealed that the attack did not stem from compromised developer credentials but rather exploited a script-injection vulnerability within the project’s GitHub Actions pipeline.

Exploiting GitHub Actions for Malicious Payload Delivery

The attackers initiated the compromise by submitting a malicious script within a comment on an open pull request from a newly created GitHub account. Due to inadequate security controls, the automated workflow failed to safely process this comment, leading to the execution of the embedded malicious code.

Leveraging the workflow’s inherent access token, the threat actors were able to forge a verified release commit. This allowed them to trigger the official publishing process for the poisoned package without ever directly modifying the main codebase, effectively bypassing standard security checks.

Upon installation, the compromised elementary-data package drops a file named elementary.pth into the system environment. Python’s interpreter automatically executes .pth files at startup, ensuring the immediate activation of the malware on any machine where the package is present.

Threat intelligence reports indicate that the payload is a sophisticated, three-stage information stealer designed to exfiltrate critical developer secrets and credentials. The malware systematically targets and steals a wide array of sensitive data, including:

  • Cloud access tokens for AWS, Google Cloud, and Azure.
  • SSH private keys and Git credentials.
  • Kubernetes service account tokens and Docker configurations.
  • Environment (.env) files containing application secrets.
  • Multiple cryptocurrency wallets, including Bitcoin and Ethereum.

All stolen data is subsequently compressed into an archive and covertly transmitted to an attacker-controlled command-and-control (C2) server.

Affected Versions and Remediation

To ascertain potential exposure, StepSecurity advises users to inspect their installed builds. The specific compromised version of the elementary-data PyPI package is 0.23.3. Users running version 0.23.4 or the earlier 0.23.2 are not affected.

Similarly, the malicious Docker image is identified as ghcr.io/elementary-data/elementary:0.23.3. Users of version 0.23.4 or 0.23.2 are safe. Additionally, if the latest Docker image tag in use has a digest ending in 634255, the environment is compromised. StepSecurity emphasizes the importance of updating the latest tag to a clean build.

The swift identification of the malicious code by community members Crisperik and H-Max led to prompt alerts to the maintainers. The Elementary team acted quickly, removing the dangerous 0.23.3 version from PyPI and GHCR and releasing a clean 0.23.4 replacement on the same day.

What You Should Do

  • Immediately Update: Ensure all instances of elementary-data are updated to version 0.23.4 or later. For Docker users, verify that ghcr.io/elementary-data/elementary:0.23.4 or a clean build of the latest tag is deployed.
  • Rotate Credentials: For any system that installed the compromised version (0.23.3), promptly rotate all cloud access tokens (AWS, Google Cloud, Azure), SSH private keys, Git credentials, Kubernetes service account tokens, Docker configurations, and any application secrets stored in .env files.
  • Review and Secure Wallets: If cryptocurrency wallets were present on affected machines, transfer funds to new, secure wallets and monitor for unauthorized transactions.
  • Enable Multi-Factor Authentication (MFA): Implement MFA across all critical infrastructure and developer accounts to add an extra layer of security against credential theft.
  • Pin Dependencies: To prevent similar supply chain attacks, configure package managers to pin dependencies to specific, verified versions rather than relying on broad version ranges or latest tags.
  • Audit Logs: Review system and network logs on potentially affected machines for any signs of unusual outbound connections or file transfers indicative of data exfiltration.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackExploitHackerMalwareSecurityThreatVulnerability

Share Article

Emy Elsamnoudy

Emy Elsamnoudy

Emy is a cybersecurity analyst and reporter specializing in threat hunting, defense strategies, and industry trends. With expertise in proactive security measures, Emily covers the tools and techniques organizations use to detect and prevent cyber attacks. She is a regular speaker at security conferences and has contributed to industry reports on threat intelligence and security operations. Emily's reporting focuses on helping organizations improve their security posture through practical, actionable insights.

Previous Post

New Linux ELF Malware Generator Evades ML Detection

Next Post

Sandworm Uses SSH-over-Tor for Stealthy, Long-Term Persistence

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
AI Poisoning Attack Abuses SEO and Hidden HTML to Trick AI Agents
July 3, 2026
Nebula AI Platform Automates Pen Testing to Find Vulnerabilities
July 3, 2026
PureLog Stealer Uses Blogspot and PowerShell to Deliver Malware
July 3, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us