
elementary-data Compromised on PyPI and GHCR: Forged Release Pushed via GitHub Actions Script Injection

Published: 25 April 2026 at 08:55:08

Alert date: 25 April 2026 at 09:00:44

Source: stepsecurity.io


Supply Chain & Dependencies

A supply chain attack compromised the elementary-data Python package, with malicious version 0.23.3 published to PyPI through GitHub Actions script injection. The attack also pushed compromised container images to GitHub Container Registry. The malicious package was still listed as the latest release at the time of reporting, affecting both PyPI distribution and container deployments. This represents an active supply chain compromise targeting Python developers and containerized environments.
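A check for the release named above, as an added example that is not part of the original advisory: it scans requirements-style text and flags lines that pin elementary-data 0.23.3, or that are unpinned or ranged so that they would still resolve to it while it is listed as latest. The function names and sample input are constructed for illustration, and only plain numeric versions are parsed.

```python
import re

BAD_NAME = "elementary-data"   # package named in the advisory
BAD_VERSION = (0, 23, 3)       # malicious release named in the advisory
REQ = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*([^;#]*)")
SPEC = re.compile(r"(===|==|~=|!=|>=|<=|>|<)\s*([0-9]+(?:\.[0-9]+)*)(\.\*)?")

# Constructed requirements file, for illustration only.
SAMPLE = """\
dbt-core==1.7.0
elementary-data==0.23.3
Elementary_Data[snowflake]>=0.20,<0.24  # range still admits 0.23.3
elementary-data
elementary-data==0.23.2
"""

def _norm(name):
    # PEP 503: runs of '-', '_' and '.' are equivalent, case-insensitive
    return re.sub(r"[-_.]+", "-", name).lower()

def _admits(op, text, wildcard):
    """True if a single specifier clause allows BAD_VERSION."""
    ver, bad = tuple(int(p) for p in text.split(".")), BAD_VERSION
    if wildcard:                      # ==0.23.* or !=0.23.*
        hit = bad[:len(ver)] == ver
        return not hit if op == "!=" else hit
    if op == "~=":                    # compatible release: >= ver, same prefix
        return bad >= ver and bad[:len(ver) - 1] == ver[:-1]
    return {"==": bad == ver, "===": bad == ver, "!=": bad != ver,
            ">=": bad >= ver, "<=": bad <= ver,
            ">": bad > ver, "<": bad < ver}[op]

def classify(line):
    """'pinned-malicious', 'may-resolve', 'excluded', or None for other packages."""
    m = REQ.match(line)
    if not m or _norm(m.group(1)) != BAD_NAME:
        return None
    specs = SPEC.findall(m.group(2))
    if not all(_admits(op, v, bool(w)) for op, v, w in specs):
        return "excluded"
    if any(op in ("==", "===") and not w for op, v, w in specs):
        return "pinned-malicious"
    return "may-resolve"          # unpinned or a range that admits the bad release

def scan(text):
    """Return (line number, verdict, line) for every elementary-data requirement."""
    hits = ((n, classify(l), l.strip()) for n, l in enumerate(text.splitlines(), 1))
    return [h for h in hits if h[1]]
```

Calling `scan(SAMPLE)` returns one tuple per elementary-data line; a `may-resolve` verdict means a fresh install could still pick up the malicious release, so those lines need an explicit pin or exclusion.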

Technical details

Mitigation steps:

Affected products:

elementary-data
PyPI
GitHub Container Registry

Related links:

Related CVEs:

Related threat actors:

IOCs:

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: This website displays information originating from external sources. Perceptive accepts no responsibility for the content, accuracy or completeness of this information.
