Safeguard
Tag

pypi

Safeguard articles tagged "pypi" — guides, analysis, and best practices for software supply chain and application security.

69 articles

Supply Chain Attacks

The elementary-data hijack: when a dbt observability tool became a credential harvester

A hijacked GitHub Actions token let attackers publish a backdoored elementary-data release that stole cloud, warehouse, and SSH credentials.

Jul 16, 20266 min read
AI Security

When the Scanner Is the Backdoor: The LiteLLM Trivy Attack

On March 19, 2026, TeamPCP hijacked Trivy's GitHub Action to steal LiteLLM's PyPI token, then shipped a backdoored release, CVE-2026-33634, CVSS 9.4.

Jul 16, 20266 min read
Supply Chain Attacks

Anatomy of a malicious npm package attack

One phished maintainer, 18 packages, and billions of weekly downloads — how npm/PyPI supply chain attacks actually unfold, and the signals that expose them.

Jul 14, 20266 min read
Open Source Security

Recurring vulnerability patterns in the PyPI ecosystem

PyYAML shipped two rounds of deserialization fixes in under two years — CVE-2017-18342 and CVE-2020-14343 — because the underlying pattern kept resurfacing.

Jul 14, 20266 min read
Supply Chain Attacks

The anatomy of a PyPI credential stealer

In a single 24-hour window in 2022, one actor shipped 12 malicious PyPI packages bundling Windows stealers that harvested browser, Discord, and Roblox credentials.

Jul 11, 20267 min read
Open Source Security

How to publish a secure Python package: signing, SBOMs, and trusted publishing

PyPI enforced two-factor authentication for all users on January 1, 2024 — but 2FA alone doesn't stop a stolen API token. Here's the full secure-publishing stack.

Jul 8, 20267 min read
Supply Chain Attacks

Bun-compiled JS binaries as PyPI credential stealers

Two lightning releases fetched the Bun runtime at import time to run an 11MB obfuscated JS stealer — PyPI's Python trust model didn't expect a JS binary.

Jul 8, 20266 min read
Supply Chain Attacks

How malicious PyPI packages steal cloud credentials at install time

A typosquat of a 200M-download SSH library stole AWS keys from 37,000 installs — before anyone imported it. Here's the install-time attack pattern.

Jul 8, 20266 min read
Supply Chain Attacks

Anatomy of a PyPI Compromise: How durabletask Got Hijacked in 35 Minutes

Three malicious durabletask releases hit PyPI in a 35-minute window in May 2026 — a maintainer-token theft, not a code review failure.

Jul 8, 20266 min read
Security Guides

Securing Your Python Supply Chain on PyPI

Typosquats, dependency confusion, and account takeovers all target the same moment: pip install. Here is how to make that moment trustworthy.

Jul 6, 20265 min read
Threat Research

What Is a Malicious Package? Supply-Chain Malware in Open Source

A malicious package is an open-source component built or altered to run attacker code on install or at runtime. Here is how they work, real npm and PyPI cases, and how to defend.

Jul 1, 20266 min read
Supply Chain Security

Software Supply Chain Attack at Scale: npm, PyPI, and Docker Hub Hit in 48 Hours

GitGuardian documented three distinct supply-chain campaigns striking npm, PyPI, and Docker Hub inside a single 48-hour window in April 2026. The simultaneity tells you more about attacker tooling than any single payload does.

Jun 24, 20267 min read
pypi — Safeguard Blog