PyPI invalidates tokens stolen in GhostAction supply chain attack

PyPI, the Python Package Index, has taken decisive action to invalidate tokens that were compromised during the GhostAction supply chain attack. This incident highlights the increasing risks associated with supply chain attacks in the software development ecosystem. The GhostAction attack involved malicious actors infiltrating the PyPI infrastructure to steal authentication tokens, which could have been used to publish malicious packages or manipulate existing ones. In response, PyPI has invalidated all affected tokens to prevent further misuse and has urged developers to rotate their credentials and monitor their projects for suspicious activity. This event underscores the critical importance of securing package repositories and implementing robust security measures to protect the software supply chain. Developers are encouraged to adopt best practices such as multi-factor authentication, regular token rotation, and vigilant monitoring to mitigate the risks posed by such sophisticated attacks. The PyPI community and security teams continue to collaborate closely to enhance the platform's defenses and ensure the integrity of Python packages distributed worldwide. This incident serves as a wake-up call for the broader software development community to prioritize supply chain security and adopt proactive strategies to safeguard their projects and users.
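The paragraph above says developers were urged to rotate credentials and monitor their projects for suspicious activity. The concrete thing to monitor after a publishing token is stolen is the project's own release listing: a version, or an extra file on an existing version, that the maintainer never uploaded. The script below is an added example and not code from the BleepingComputer article or from PyPI; it audits a release listing in the shape returned by PyPI's JSON API (`https://pypi.org/pypi/<project>/json`) against the versions and sha256 digests the maintainer recorded when publishing. The project name, digests, dates and the `KNOWN_RELEASES` bookkeeping are constructed sample values, and the incident window date is an assumption.

```python
"""Audit a PyPI project's release listing for uploads the maintainer did not make.

Added example (not from the article or from PyPI). Input is a dict in the
shape of PyPI's JSON API response; the sample below is constructed.
"""
from __future__ import annotations

import json
import urllib.request
from datetime import datetime, timezone

# Constructed sample in the PyPI JSON API shape; "example-pkg" and the
# digests are placeholders, not a real project.
SAMPLE_PROJECT_JSON = json.loads("""
{
  "info": {"name": "example-pkg"},
  "releases": {
    "1.0.0": [
      {"filename": "example_pkg-1.0.0-py3-none-any.whl",
       "upload_time_iso_8601": "2025-06-01T10:00:00.000000Z",
       "digests": {"sha256": "aaaa"}}
    ],
    "1.0.1": [
      {"filename": "example_pkg-1.0.1-py3-none-any.whl",
       "upload_time_iso_8601": "2025-09-03T02:15:00.000000Z",
       "digests": {"sha256": "bbbb"}},
      {"filename": "example_pkg-1.0.1.tar.gz",
       "upload_time_iso_8601": "2025-09-03T02:15:05.000000Z",
       "digests": {"sha256": "cccc"}}
    ]
  }
}
""")

# What the maintainer knows they published: version -> set of sha256 digests.
# In practice this comes from your own release records (CI logs, a signed
# manifest, etc.); here it is constructed so the audit has something to flag.
KNOWN_RELEASES = {"1.0.0": {"aaaa"}}

# Assumed start of the period in which a stolen token could have been used.
INCIDENT_WINDOW_START = datetime(2025, 9, 1, tzinfo=timezone.utc)


def fetch_project_json(project: str) -> dict:
    """Fetch the live listing (network call; not used by the offline audit)."""
    with urllib.request.urlopen(f"https://pypi.org/pypi/{project}/json") as resp:
        return json.load(resp)


def parse_upload_time(value: str) -> datetime:
    # PyPI emits ISO 8601 with a trailing "Z"; older fromisoformat needs "+00:00".
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def audit_releases(project_json: dict, known: dict, window_start: datetime) -> list:
    """Return one finding per file that is not in the maintainer's records.

    A finding is flagged in_incident_window when its upload time falls on or
    after window_start, which is the subset to treat as a likely token abuse.
    """
    findings = []
    for version, files in project_json["releases"].items():
        expected = known.get(version)
        for f in files:
            digest = f["digests"]["sha256"]
            uploaded = parse_upload_time(f["upload_time_iso_8601"])
            if expected is None:
                reason = "version not in maintainer's records"
            elif digest not in expected:
                reason = "file digest not in maintainer's records"
            else:
                continue  # known version and known file: nothing to report
            findings.append({
                "version": version,
                "filename": f["filename"],
                "sha256": digest,
                "uploaded": uploaded.isoformat(),
                "reason": reason,
                "in_incident_window": uploaded >= window_start,
            })
    return findings


if __name__ == "__main__":
    for finding in audit_releases(SAMPLE_PROJECT_JSON, KNOWN_RELEASES, INCIDENT_WINDOW_START):
        print(json.dumps(finding))
```

Against the constructed sample the audit reports both files of 1.0.1, which the maintainer never recorded and which were uploaded inside the incident window; a recorded version whose file digest changed would also be reported, since PyPI files are immutable and a digest you do not recognise means a file you did not upload. Run the same audit against `fetch_project_json("<your-project>")` output once the token has been rotated, and again periodically, so an unexpected release is noticed before users install it.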

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 18 Sep 2025 13:20:11 +0000

Cyber News related to PyPI invalidates tokens stolen in GhostAction supply chain attack

Software Supply Chain Security Checklist - In the ever-evolving landscape of digital innovation, the integrity of software supply chains has become a pivotal cornerstone for organizational security. Software supply chain security is not just about protecting code - it's about safeguarding the ...
1 year ago Feeds.dzone.com
Hackers target Python devs in phishing attacks using fake PyPI site - Python developers and PyPI users who have received these phishing emails are advised not to click the embedded links and to delete the email immediately. In February, the Python Software Foundation introduced 'Project Archival,' a new system designed ...
5 months ago Bleepingcomputer.com
New "MITRE ATT&CK-like" framework outlines software supply chain attack TTPs - A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack ...
2 years ago Csoonline.com
GhostAction Supply Chain Attack Targets 3,000 Organizations Globally - The recent discovery of the GhostAction supply chain attack has sent shockwaves through the cybersecurity community, revealing a sophisticated campaign targeting approximately 3,000 organizations worldwide. This attack leverages compromised software ...
4 months ago Infosecurity-magazine.com
PyPI Warns of New Phishing Attack Targeting Developers With Fake PyPI site - This sophisticated attack targets developers who have published packages on the official repository, leveraging their trust in the PyPI ecosystem to harvest login credentials through a carefully crafted fake website that mimics the legitimate ...
5 months ago Cybersecuritynews.com
Hackers steal 3,325 secrets in GhostAction GitHub supply chain attack - In a significant cybersecurity incident, hackers have successfully stolen 3,325 secrets through a supply chain attack targeting GhostAction on GitHub. This attack highlights the increasing risks associated with software supply chains and the critical ...
4 months ago Bleepingcomputer.com
New Supply Chain Attack Leveraging Python Package Index Targeting Wacatac Trojan - A new supply chain attack has recently been detected targeting Python Package Index (PyPI) users with the Wacatac Trojan. This attack is seen as the latest in a series of advanced persistent threats (APT) targeting the escalating use of Python in ...
2 years ago Securityweek.com
CISA Announces Renewal of the Information and Communications Technology Supply Chain Risk Management Task Force - The Task Force, chaired by CISA's National Risk Management Center and the Information Technology and Communications Sector Coordinating Councils, is a public-private partnership composed of a diverse range of representatives from public and private ...
1 year ago Cisa.gov
Exposed Hugging Face API tokens jeopardized GenAI models - Lasso Security researchers discovered 1,681 Hugging Face API tokens exposed in code repositories, which left vendors such as Google, Meta, Microsoft and VMware open to potential supply chain attacks. In a blog post published Monday, Lasso Security ...
2 years ago Techtarget.com
Why Tokens Are Like Gold for Opportunistic Threat Actors - COMMENTARY. Authentication tokens aren't actual physical tokens, of course. Authentication tokens are an important part of cybersecurity. Which means that anyone with a token has a gold key to corporate systems - without requiring a multifactor ...
1 year ago Darkreading.com
Supply Chain Cybersecurity - CISO Risk Management Guide - As regulatory scrutiny intensifies and cyber threats grow more sophisticated, CISOs must adopt a proactive, strategic approach to supply chain cybersecurity risk management, making it a boardroom priority and an integral part of organizational ...
8 months ago Cybersecuritynews.com
UK, ROK sound alarm over North Korean supply chain attacks - The national cybersecurity organizations of the UK and the Republic of Korea have issued a joint advisory warning of an increased volume and sophistication of North Korean software supply chain attacks. "In an increasingly digital and interconnected ...
2 years ago Theregister.com Lazarus Group
SCS 9001 2.0 reveals enhanced controls for global supply chains - In this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a certifiable standard crafted to assist organizations in operationalizing the NIST and other government guidelines and frameworks. ...
2 years ago Helpnetsecurity.com
Meta AI Models Cracked Open With Exposed API Tokens - Researchers recently were able to get full read and write access to Meta's Bloom, Meta-Llama, and Pythia large language model repositories in a troubling demonstration of the supply chain risks to organizations using these repositories to integrate ...
2 years ago Darkreading.com
Securing the Supply Chain - Before a supply chain can be improved, it must be understood. Rather than attacking one target, it is more effective to manipulate the supply chain to gain access to multiple targets. The 2013 Target breach was an example of a supply chain attack, as ...
2 years ago Securityweek.com
Shai-Halud Supply Chain Attack: A New Threat to Cybersecurity - The Shai-Halud supply chain attack represents a significant escalation in cyber threats targeting global supply networks. This sophisticated attack exploits vulnerabilities in software supply chains, allowing threat actors to infiltrate multiple ...
3 months ago Cybersecuritynews.com
How AI could bolster software supply chain security - SAN FRANCISCO - While supply chain risks remain prevalent across enterprises of all sizes, Synopsys' Tim Mackey said AI tools will enable developers more than attackers - at least for now. Supply chain security was a significant topic that speakers ...
1 year ago Techtarget.com
Developer Accounts Compromised Due to Credential Reuse in WordPress.org Supply Chain Attack - On June 24th, 2024, the Wordfence Threat Intelligence Team became aware of a WordPress plugin, Social Warfare, that was infected with malware through the WordPress repository. We immediately notified the WordPress Plugin's Team and they removed the ...
1 year ago Wordfence.com
116 Malicious PyPI Packages Downloaded Over 10,000 Times - A cluster of malicious Python projects has been identified in PyPI, the official Python PyPI package repository, which targets both Windows and Linux systems and often deploys a custom backdoor. In certain instances, the ultimate payload consists of ...
2 years ago Cybersecuritynews.com
3 PYPI Packages Caught Spreading Malware - Recent reports have highlighted the malicious spreading of malware via 3 specific Python Package Index (PyPI) packages. These 3 packages were identified and reported by Sonatype, a software supply chain security firm. ...
2 years ago Securityaffairs.com
Python's Poisoned Package: Another 'Blank Grabber' Malware in PyPI - Python Package Index is a platform that offers an extensive range of packages to simplify and enhance the development process. Malicious actors regularly upload phishing packages in the platform's repository aimed at delivering malware to steal the ...
2 years ago Imperva.com
Attackers Finding Novel Ways to Abuse GitHub: ReversingLabs - Threat actors are finding new ways to take advantage of GitHub in hopes of tricking developers into putting malicious code into their software and sending to users downstream, according to researchers with ReversingLabs. Code repositories like GitHub ...
2 years ago Securityboulevard.com