Two malicious packages, zebo and cometlogger, were discovered on the Python Package Index (PyPI), capable of stealing keystrokes and hijacking social accounts. These packages, with over 280 downloads combined before being taken down, were found to exfiltrate sensitive information from compromised hosts. This incident highlights the importance of vigilance when using open-source software.
A new feature called digital attestations has been released on PyPI, the Python Package Index, to bolster supply chain security for Python packages. These attestations essentially function as digital signatures, cryptographically linking packages published on PyPI to the specific source code used for their creation, thus offering stronger assurance that packages downloaded from PyPI haven’t been tampered with or injected with malicious code. This feature utilizes a mechanism that proves a trustworthy build system was used to generate and publish the package, starting with its source code on GitHub. This development significantly enhances the reliability and trust in Python package distribution by providing concrete evidence of package origin and authenticity, mitigating risks associated with malware injection or tampering within the Python ecosystem. While this feature is already available to those using the PyPI Trusted Publishers mechanism in GitHub Actions, a new API has been introduced for consumers and installers to verify published attestations, allowing for broader adoption and increased confidence in package provenance across the Python community.