FlagThis

A new feature called digital attestations has been released on PyPI, the Python Package Index, to bolster supply chain security for Python packages. These attestations essentially function as digital signatures, cryptographically linking packages published on PyPI to the specific source code used for their creation, thus offering stronger assurance that packages downloaded from PyPI haven’t been tampered with or injected with malicious code. This feature utilizes a mechanism that proves a trustworthy build system was used to generate and publish the package, starting with its source code on GitHub. This development significantly enhances the reliability and trust in Python package distribution by providing concrete evidence of package origin and authenticity, mitigating risks associated with malware injection or tampering within the Python ecosystem. While this feature is already available to those using the PyPI Trusted Publishers mechanism in GitHub Actions, a new API has been introduced for consumers and installers to verify published attestations, allowing for broader adoption and increased confidence in package provenance across the Python community.

A new and concerning attack technique has been identified by Checkmarx researchers, leveraging the entry points of open source application packages. This technique, dubbed “command jacking,” exploits the ability of developers to expose specific functions as command line tools. Attackers can create malicious packages with fake entry points, impersonating widely-used third-party tools or system commands like ‘aws’, ‘docker’, ‘npm’, ‘pip’, ‘git’, ‘kubectl’, ‘terraform’, ‘gcloud’, ‘heroku’, or ‘dotnet’. When unsuspecting developers install these packages and run the hijacked commands, malicious code can be executed, potentially leading to data theft, malware installation, and compromise of entire cloud infrastructures.

Open source application packages, including those in Python and JavaScript, have a vulnerability in their entry points that could be used by threat actors to execute malicious code to steal data, plant malware, and more. This warning to developers and infosec leaders comes from researchers at Checkmarx, who dub the techniques “command jacking.” Attackers can use entry points to run specific commands impersonating popular third-party tools and system commands, but they could also leverage malicious plugins and extensions. This highlights the importance of scrutinizing open source package repositories and ensuring that developers are aware of the potential risks associated with entry point attacks.