{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/pip/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":["TeamPCP"],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["PyPI","pip","Python packages"],"_cs_severities":["high"],"_cs_tags":["supply-chain","python","pypi","software-security"],"_cs_type":"threat","_cs_vendors":["GitHub","GitLab"],"content_html":"\u003cp\u003ePython's widespread adoption and extensive third-party library ecosystem have made its packaging infrastructure an attractive target for threat actors engaging in supply chain attacks. Malicious Python packages, distributed via official repositories like PyPI, version control systems such as GitHub and GitLab, or custom web servers, are increasingly common. These attacks exploit the inherent trust in the Python packaging ecosystem, enabling payloads to execute automatically during the installation process without direct user interaction. This presents a significant risk to developer devices and organizational infrastructure that rely on Python. For example, TeamPCP has actively used misused Python modules in supply chain attacks to compromise Microsoft's GitHub subsidiary, highlighting the real-world impact of such threats. This brief details the layers of Python package installation, from hosting and distribution formats to the installation process itself, to help defenders understand the various vectors for compromise.\u003c/p\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful supply chain attacks exploiting Python packages can lead to significant compromise of developer workstations and organizational infrastructure. Attackers can gain initial access, establish persistence, and execute arbitrary code, potentially leading to data exfiltration, further network compromise, or the introduction of backdoors into development environments. The widespread use of Python across data science, AI, and backend projects means a large number of development environments and production systems are at risk. The increasing trend of published malware advisories related to the Python package ecosystem, with Pip-related advisories representing 17% of all GitHub advisories in 2025, indicates a growing and targeted threat landscape.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnable comprehensive logging for \u003ccode\u003epip\u003c/code\u003e installations and Python package management activities across all development and production environments to identify suspicious package installations or modifications.\u003c/li\u003e\n\u003cli\u003eImplement dependency auditing tools to regularly scan Python projects for known malicious packages and vulnerabilities, leveraging the \u003ccode\u003epip\u003c/code\u003e environment variable \u003ccode\u003ePIP_CONFIG_FILE\u003c/code\u003e for centralized configuration.\u003c/li\u003e\n\u003cli\u003eEnforce strict version pinning strategies for all Python dependencies to prevent automatic updates to potentially compromised package versions.\u003c/li\u003e\n\u003cli\u003eUtilize installation-time controls, such as sandboxed environments or package integrity checks, to mitigate the risk of malicious code execution during \u003ccode\u003epip install\u003c/code\u003e commands.\u003c/li\u003e\n\u003cli\u003eReview and control access to custom Python package repositories, ensuring that any \u003ccode\u003epip --index-url\u003c/code\u003e or \u003ccode\u003epip --extra-index-url\u003c/code\u003e configurations point to trusted sources.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-14T10:01:37Z","date_published":"2026-07-14T10:01:37Z","id":"https://feed.craftedsignal.io/briefs/2026-07-python-supply-chain-risk/","summary":"Threat actors, including TeamPCP, are increasingly using malicious Python packages in supply chain attacks to compromise developer devices and infrastructure by exploiting trust in Python's packaging ecosystem, leading to automatic payload execution during installation.","title":"Analyzing Supply Chain Risks in Python Package Installation","url":"https://feed.craftedsignal.io/briefs/2026-07-python-supply-chain-risk/"},{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:openbabel:open_babel:*:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":5.3,"id":"CVE-2025-10997"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Open Babel (\u003c 3.2.0)","pip/openbabel (\u003c 3.2.0)"],"_cs_severities":["high"],"_cs_tags":["chemistry","vulnerability","buffer-overflow","memory-corruption","cve"],"_cs_type":"advisory","_cs_vendors":["Open Babel"],"content_html":"\u003cp\u003eA memory-safety vulnerability, identified as CVE-2025-10997, has been discovered in Open Babel, a widely used C++ library and command-line tool for chemistry file format conversion. This flaw, reported via OSS-Fuzz, specifically exists within the \u003ccode\u003eChemKinFormat::CheckSpecies\u003c/code\u003e function of the ChemKin parser. Attackers can exploit this vulnerability by crafting a malicious ChemKin file that, when processed by a victim using Open Babel components (such as the \u003ccode\u003eobabel\u003c/code\u003e tool, the \u003ccode\u003eOBConversion\u003c/code\u003e API, or its language bindings), causes a heap buffer overflow. This leads to memory corruption, potentially resulting in application crashes (Denial of Service) or, under certain conditions, arbitrary code execution. All Open Babel releases up to and including version 3.1.1 are affected; the vulnerability was patched in version 3.2.0, released on 2026-05-26.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker crafts a malicious ChemKin file specifically designed to contain malformed species records, triggering the heap buffer overflow in \u003ccode\u003eChemKinFormat::CheckSpecies\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe malicious ChemKin file is delivered to the victim, typically via social engineering (e.g., email attachment), malicious download link, or embedding within a seemingly legitimate data set.\u003c/li\u003e\n\u003cli\u003eThe victim interacts with the malicious file, causing it to be processed by an Open Babel component, such as the \u003ccode\u003eobabel\u003c/code\u003e command-line tool, the \u003ccode\u003eOBConversion\u003c/code\u003e API, or one of its language bindings (Python, Ruby, Java, etc.).\u003c/li\u003e\n\u003cli\u003eOpen Babel's internal parser, specifically within the \u003ccode\u003eChemKinFormat::CheckSpecies\u003c/code\u003e function, attempts to process the malformed species record from the crafted file.\u003c/li\u003e\n\u003cli\u003eDue to the malformed data, the \u003ccode\u003eChemKinFormat::CheckSpecies\u003c/code\u003e function attempts to write data beyond the allocated bounds of a heap-allocated buffer.\u003c/li\u003e\n\u003cli\u003eThis heap buffer overflow corrupts memory, leading to an application crash (Denial of Service) or, under specific conditions, allows for arbitrary code execution on the victim's system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2025-10997 can lead to severe consequences for systems processing untrusted ChemKin files with affected versions of Open Babel. The primary impact includes denial of service, as the application processing the malicious file will likely crash due to memory corruption. More critically, sophisticated exploitation could lead to arbitrary code execution, granting attackers control over the compromised system. Open Babel is widely integrated, being shipped by Linux distributions and embedded in various services that parse chemical file formats. Organizations using Open Babel in such contexts, especially those handling external or untrusted data, are at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch CVE-2025-10997 by upgrading all instances of Open Babel and its language bindings to version 3.2.0 or later immediately.\u003c/li\u003e\n\u003cli\u003eImplement strict input validation and sanitization for all ChemKin files processed by applications utilizing Open Babel components to mitigate risks from specially crafted inputs.\u003c/li\u003e\n\u003cli\u003eMonitor systems that utilize Open Babel for unexpected application crashes or unusual process behavior that could indicate attempted exploitation.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T13:01:12Z","date_published":"2026-07-03T13:01:12Z","id":"https://feed.craftedsignal.io/briefs/2026-07-open-babel-heap-overflow/","summary":"A heap buffer overflow vulnerability (CVE-2025-10997) in Open Babel's ChemKin parser allows an attacker to achieve memory corruption when a victim processes a specially crafted ChemKin file, potentially leading to denial of service or arbitrary code execution.","title":"Open Babel Heap Buffer Overflow in ChemKin Parser (CVE-2025-10997)","url":"https://feed.craftedsignal.io/briefs/2026-07-open-babel-heap-overflow/"},{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:openbabel:open_babel:3.1.1:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":9.8,"id":"CVE-2022-43467"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Open Babel (vulnerable: \u003c 3.2.0)","pip/openbabel (vulnerable: \u003c 3.2.0)"],"_cs_severities":["high"],"_cs_tags":["open-babel","vulnerability","memory-corruption","cve","library"],"_cs_type":"advisory","_cs_vendors":["Open Babel"],"content_html":"\u003cp\u003eA high-severity memory-safety vulnerability, identified as CVE-2022-43467, has been discovered in Open Babel's PQS \u003ccode\u003ecoord_file\u003c/code\u003e parser. This flaw affects all versions up to and including 3.1.1 of the Open Babel library and CLI tool, which is critical for processing various chemistry file formats. Exploitation occurs when a victim processes a specially crafted PQS file, leading to an out-of-bounds write within the \u003ccode\u003ecoord_file\u003c/code\u003e parsing path. This vulnerability was reported by Cisco TALOS and subsequently patched in version 3.2.0, released on 2026-05-26. Given Open Babel's widespread use across Linux distributions and in services that handle untrusted input, this flaw poses a significant risk of arbitrary code execution or denial of service.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a specially designed PQS file containing a malformed \u003ccode\u003ecoord_file\u003c/code\u003e specifier that targets the vulnerability.\u003c/li\u003e\n\u003cli\u003eThe attacker delivers this malicious PQS file to a target system or user, often via email, download, or integration into a workflow.\u003c/li\u003e\n\u003cli\u003eA user or automated service on the victim system opens and processes the malicious PQS file using an affected Open Babel component (e.g., \u003ccode\u003eobabel\u003c/code\u003e CLI tool, \u003ccode\u003eOBConversion\u003c/code\u003e API, or language bindings).\u003c/li\u003e\n\u003cli\u003eDuring the parsing process of the PQS \u003ccode\u003ecoord_file\u003c/code\u003e path, the malformed specifier triggers an out-of-bounds write operation.\u003c/li\u003e\n\u003cli\u003eThis memory corruption overwrites adjacent memory regions, leading to unpredictable program behavior, including crashes.\u003c/li\u003e\n\u003cli\u003eSuccessful exploitation can result in application crashes (Denial of Service) or, with further exploitation, arbitrary code execution on the compromised system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe vulnerability affects any system or service utilizing Open Babel versions up to 3.1.1 to process PQS files, particularly those that handle untrusted or external input. Open Babel is widely deployed as a C++ library and command-line interface, integrated into Linux distributions and various scientific applications. Successful exploitation of CVE-2022-43467 can lead to service disruption through denial of service (application crashes) or, more severely, arbitrary code execution, allowing attackers to gain control over affected systems. The full scope of potential victims is broad due to the library's foundational role in chemistry informatics.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately update all Open Babel installations to version 3.2.0 or later to patch CVE-2022-43467.\u003c/li\u003e\n\u003cli\u003eFor Python environments, ensure \u003ccode\u003epip/openbabel\u003c/code\u003e is updated to a version greater than or equal to 3.2.0.\u003c/li\u003e\n\u003cli\u003eImplement strict input validation for all PQS files processed by Open Babel components, especially those originating from untrusted sources, to mitigate the risk of malformed file attacks.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T12:53:09Z","date_published":"2026-07-03T12:53:09Z","id":"https://feed.craftedsignal.io/briefs/2026-07-open-babel-pqs-oob-write/","summary":"A high-severity memory-safety vulnerability (CVE-2022-43467) in Open Babel's PQS `coord_file` parser allows an attacker to achieve an out-of-bounds write by tricking a victim into opening a specially crafted PQS file, potentially leading to arbitrary code execution or denial of service in systems processing untrusted chemistry file formats.","title":"Open Babel PQS coord_file parser suffers from out-of-bounds write vulnerability (CVE-2022-43467)","url":"https://feed.craftedsignal.io/briefs/2026-07-open-babel-pqs-oob-write/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Linuxfabrik Monitoring Plugins","pip/linuxfabrik-lib"],"_cs_severities":["high"],"_cs_tags":["privilege-escalation","linux","sudo","cve"],"_cs_type":"advisory","_cs_vendors":["Linuxfabrik","Debian"],"content_html":"\u003cp\u003eA significant local privilege escalation (LPE) vulnerability, tracked as CVE-2026-52817, has been identified in Linuxfabrik Monitoring Plugins, specifically affecting installations using the provided \u003ccode\u003eDebian.sudoers\u003c/code\u003e file. This flaw permits the \u003ccode\u003enagios\u003c/code\u003e user, configured to run \u003ccode\u003eapt-get\u003c/code\u003e via \u003ccode\u003esudo\u003c/code\u003e without strict argument enforcement, to inject malicious parameters into the \u003ccode\u003eapt-get\u003c/code\u003e command. An attacker who has already compromised the \u003ccode\u003enagios\u003c/code\u003e account can leverage this to execute arbitrary commands with root privileges, effectively gaining a root shell. The vulnerability impacts environments where the \u003ccode\u003eLinuxfabrik Monitoring Plugins\u003c/code\u003e are deployed on Debian systems with the vulnerable \u003ccode\u003esudoers\u003c/code\u003e configuration, particularly versions of \u003ccode\u003epip/linuxfabrik-lib\u003c/code\u003e up to and including 5.0.0. This LPE poses a severe risk as it allows an attacker to escalate from a potentially low-privileged service account to full system compromise.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains initial access to a Debian system, compromising the \u003ccode\u003enagios\u003c/code\u003e user account (e.g., via a compromised monitoring agent or service).\u003c/li\u003e\n\u003cli\u003eThe attacker identifies that the \u003ccode\u003enagios\u003c/code\u003e user has \u003ccode\u003esudo\u003c/code\u003e privileges for \u003ccode\u003eapt-get\u003c/code\u003e commands, specifically due to the permissive entry in \u003ccode\u003e/etc/sudoers.d/Debian.sudoers\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker constructs a malicious \u003ccode\u003eapt-get\u003c/code\u003e command utilizing the \u003ccode\u003e-o\u003c/code\u003e option to inject a \u003ccode\u003ePre-Invoke\u003c/code\u003e hook.\u003c/li\u003e\n\u003cli\u003eThe attacker executes \u003ccode\u003esudo apt-get update -o APT::Update::Pre-Invoke::=\u0026quot;/bin/sh\u0026quot;\u003c/code\u003e as the \u003ccode\u003enagios\u003c/code\u003e user.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esudo\u003c/code\u003e executes \u003ccode\u003eapt-get update\u003c/code\u003e with root privileges.\u003c/li\u003e\n\u003cli\u003eDuring the \u003ccode\u003eapt-get\u003c/code\u003e update process, the \u003ccode\u003eAPT::Update::Pre-Invoke\u003c/code\u003e option causes \u003ccode\u003e/bin/sh\u003c/code\u003e to be executed with root privileges before the update officially starts.\u003c/li\u003e\n\u003cli\u003eThe attacker gains a fully functional root shell, bypassing standard privilege separation.\u003c/li\u003e\n\u003cli\u003eThe attacker can now execute arbitrary commands, install malicious software, or modify system configurations with administrative privileges.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis local privilege escalation allows a threat actor to achieve full root access on a compromised Debian system, provided they have already gained initial access to the \u003ccode\u003enagios\u003c/code\u003e user account. Successful exploitation means an attacker can move from a potentially isolated monitoring context to complete control over the host system. This can lead to severe data breaches, system integrity compromise, installation of backdoors, further lateral movement within the network, or deployment of ransomware. While the prerequisite of \u003ccode\u003enagios\u003c/code\u003e account compromise is a high barrier, the resulting root access represents a critical security failure for affected organizations, potentially affecting any sector utilizing Linuxfabrik Monitoring Plugins on Debian.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePatch CVE-2026-52817\u003c/strong\u003e by updating \u003ccode\u003epip/linuxfabrik-lib\u003c/code\u003e to a version greater than 5.0.0, or apply the recommended \u003ccode\u003esudoers\u003c/code\u003e file configuration change mentioned in the advisory immediately.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDeploy the Sigma rule\u003c/strong\u003e provided in this brief to your SIEM to detect attempts to exploit CVE-2026-52817.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReview \u003ccode\u003esudoers\u003c/code\u003e configurations\u003c/strong\u003e across your Linux fleet for overly permissive entries, especially for service accounts, following the principle of least privilege.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEnable process command-line logging\u003c/strong\u003e (e.g., via Auditd or Sysmon for Linux) to ensure the necessary telemetry for detecting the malicious \u003ccode\u003eapt-get\u003c/code\u003e execution.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T11:27:55Z","date_published":"2026-07-03T11:27:55Z","id":"https://feed.craftedsignal.io/briefs/2026-07-linuxfabrik-lpe/","summary":"A local privilege escalation vulnerability, CVE-2026-52817, exists in Linuxfabrik Monitoring Plugins within its Debian.sudoers configuration, allowing a pre-compromised `nagios` user to inject arbitrary `apt-get` arguments to execute commands as root and obtain a root shell on affected Debian systems.","title":"Linuxfabrik Monitoring Plugins Local Privilege Escalation via Sudo apt-get","url":"https://feed.craftedsignal.io/briefs/2026-07-linuxfabrik-lpe/"}],"language":"en","title":"CraftedSignal Threat Feed - Pip","version":"https://jsonfeed.org/version/1.1"}