Takeover of the ctx project was reported on multiple channels overnight and was mitigated as of 6:07 AM Eastern.
We confirmed via investigation that this compromise was of a single user account due to re-registration over an expired domain. The domain that hosted the user's email address was re-registered 2022-05-14T18:40:05Z and a password reset completed successfully for the user at 2022-05-14T18:52:40Z. Original releases were then deleted and malicious copies uploaded.
PyPI itself was not directly compromised.
Read the full incident report at https://python-security.readthedocs.io/pypi-vuln/index-2022-05-24-ctx-domai…
-Ee Durbin
Director of Infrastructure
Python Software Foundation