Severity score: 8.5 (Critical)

Popular PyPI Package With 1 Million Monthly Downloads Hacked to Inject Malicious Scripts

📅 28 April 2026 at 09:19 UTC · 📰 Cyber Security News

A major software supply chain attack has compromised the popular Python package elementary-data, exposing thousands of developers to massive credential theft. Threat actors successfully pushed a malicious version, 0.23.3, to the Python Package Index (PyPI) and poisoned the matching Docker images on the GitHub Container Registry (GHCR). With over one million monthly downloads, this widely used dbt […]

The post Popular PyPI Package With 1 Million Monthly Downloads Hacked to Inject Malicious Scripts appeared first on Cyber Security News.

🤖 AI Briefing (auto-generated threat analysis)

🔍 Threat Overview

A major software supply chain attack compromised the elementary-data PyPI package, exposing thousands of developers to massive credential theft through a malicious version (0.23.3) pushed to PyPI and GHCR.

⚙️ Technical Details

Affected Systems
- elementary-data (PyPI package)
- Docker images on GitHub Container Registry (GHCR)

Attack Vectors
- PyPI package compromise
- Poisoning of the matching Docker images
💥 Impact Assessment

Severity: High

Who Is at Risk
- Thousands of developers using the elementary-data PyPI package
🛡️ Recommended Actions

1. Immediately update to the latest version of elementary-data (0.23.4)
2. Disable Docker images from GHCR until further notice
3. Monitor system logs for suspicious activity related to PyPI packages
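A defender-side check for the first two actions, added here as an example (it is not code from the article or from the elementary project): it scans requirement pins and container image tags for the compromised 0.23.3 release and points at the fixed 0.23.4. The GHCR image path and the sample manifest lines are constructed assumptions.

```python
"""Flag pins and image tags of the compromised elementary-data release.
Added example, not the article's code. From the advisory it takes only the
version numbers 0.23.3 (malicious) and 0.23.4 (fixed); the image repository
path and the sample manifest below are constructed assumptions."""
import re

COMPROMISED = {"0.23.3"}   # malicious release named in the advisory
FIXED = "0.23.4"           # release the advisory says to upgrade to

# Pinned requirement line (requirements.txt or `pip freeze` output),
# e.g. "Elementary_Data[snowflake]==0.23.3 ; python_version >= '3.8'".
REQ_RE = re.compile(
    r"^\s*(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*==\s*(?P<ver>[0-9][0-9A-Za-z.]*)"
)
# Tagged image reference (Dockerfile FROM or compose `image:`). Assumption:
# the repository path contains "elementary"; adjust to the real GHCR path.
IMG_RE = re.compile(
    r"^\s*(?:FROM\s+|image:\s*)?(?P<repo>[\w./-]*elementary[\w./-]*):(?P<tag>[\w.-]+)",
    re.IGNORECASE,
)


def normalize(name: str) -> str:
    """PEP 503 normalization: 'Elementary_Data' and 'elementary-data' are one project."""
    return re.sub(r"[-_.]+", "-", name).lower()


def scan_lines(lines):
    """Return (line_no, message) for each pin or tag of the compromised release."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = REQ_RE.match(line)
        if m:
            if normalize(m["name"]) == "elementary-data" and m["ver"] in COMPROMISED:
                findings.append((n, f"PyPI pin {m['ver']} is compromised; upgrade to {FIXED}"))
            continue
        m = IMG_RE.match(line)
        if m and m["tag"].lower().lstrip("v") in COMPROMISED:
            findings.append((n, f"image tag {m['tag']} matches the compromised release"))
    return findings


# Constructed manifest fragment for the demonstration (not from the article).
SAMPLE = """\
# requirements.txt
dbt-core==1.8.0
Elementary_Data[snowflake]==0.23.3 ; python_version >= "3.8"
elementary-data==0.23.4
image: ghcr.io/example-org/elementary:0.23.3
""".splitlines()
```

Run `scan_lines` over `pip freeze` output, lock files and compose/Dockerfile contents; an empty result for a host means no pin or tag of the compromised release was found there, not that the host was never exposed.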
📦 Affected Products
- elementary-data


This is a curated summary. The complete article is available at Cyber Security News.
