{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/pypi-packages/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["OpenSearch","PyPi packages","npm packages"],"_cs_severities":["critical"],"_cs_tags":["supply-chain-compromise","npm","pypi"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eOn May 12, 2026, a supply chain attack was disclosed affecting multiple npm and PyPi packages, including pre-release versions of OpenSearch. The attackers compromised these packages by injecting malicious code, potentially impacting developers and users who installed the affected versions. This incident highlights the increasing risk of supply chain attacks targeting open-source software repositories. The compromised packages could allow attackers to execute arbitrary code on systems where the packages were installed, leading to data theft, system compromise, or further propagation of malware. This incident is part of a broader campaign referred to as \u0026ldquo;Mini Shai Hulud\u0026rdquo; which targeted hundreds of packages. Defenders should prioritize identifying and removing affected packages from their environments.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker compromises developer accounts or package maintainer credentials.\u003c/li\u003e\n\u003cli\u003eMalicious code is injected into the OpenSearch pre-release npm packages.\u003c/li\u003e\n\u003cli\u003eCompromised packages are published to the npm and PyPi repositories.\u003c/li\u003e\n\u003cli\u003eDevelopers or automated build systems download and install the infected packages as part of their build process using \u003ccode\u003enpm install\u003c/code\u003e or \u003ccode\u003epip install\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe malicious code executes on the developer\u0026rsquo;s machine or build server, potentially establishing a reverse shell or downloading further payloads.\u003c/li\u003e\n\u003cli\u003eThe malicious code might inject itself into other project dependencies or build artifacts.\u003c/li\u003e\n\u003cli\u003eApplications built with the compromised packages are deployed to production environments, infecting end-user systems.\u003c/li\u003e\n\u003cli\u003eAttackers gain remote access to infected systems, enabling data exfiltration, lateral movement, and other malicious activities.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThis supply chain attack could impact a large number of developers and users who rely on the compromised OpenSearch pre-release packages. Successful exploitation allows attackers to execute arbitrary code on affected systems, leading to data breaches, system compromise, and potentially widespread disruption. Hundreds of packages were affected across NPM and PyPi. The impact could range from minor inconvenience to severe data loss and reputational damage.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement strict dependency management policies, including the use of package lockfiles (package-lock.json, yarn.lock, Pipfile.lock) to ensure consistent and verifiable builds.\u003c/li\u003e\n\u003cli\u003eUtilize software composition analysis (SCA) tools to identify and remediate vulnerable dependencies in your projects.\u003c/li\u003e\n\u003cli\u003eMonitor network connections originating from build servers and development environments for suspicious activity using the \u0026ldquo;Detect Suspicious Outbound Connection from Build Server\u0026rdquo; Sigma rule below.\u003c/li\u003e\n\u003cli\u003eConsider implementing sandboxing or containerization technologies to isolate build processes and limit the impact of compromised dependencies.\u003c/li\u003e\n\u003cli\u003eAudit your existing npm and PyPi dependencies for the compromised packages identified in the Wiz.io and Socket.dev blog posts.\u003c/li\u003e\n\u003cli\u003eDeploy the \u0026ldquo;Detect Suspicious Package Installation\u0026rdquo; Sigma rule to detect potentially malicious package installation commands.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-12T22:01:46Z","date_published":"2026-05-12T22:01:46Z","id":"https://feed.craftedsignal.io/briefs/2026-05-supply-chain-compromise/","summary":"Multiple npm and PyPi packages, including OpenSearch pre-release packages, were compromised in a supply chain attack, potentially leading to arbitrary code execution on developer or user systems.","title":"Compromised OpenSearch Pre-Release npm Packages in Supply Chain Attack","url":"https://feed.craftedsignal.io/briefs/2026-05-supply-chain-compromise/"}],"language":"en","title":"CraftedSignal Threat Feed — PyPi Packages","version":"https://jsonfeed.org/version/1.1"}