A widespread software supply chain attack, dubbed GlassWorm, is actively compromising hundreds of Python code repositories by using stolen GitHub access tokens. The campaign injects malicious code into projects, posing a significant risk to developers and organizations that rely on these open-source packages.
According to a report from cybersecurity firm StepSecurity, attackers are leveraging compromised credentials to gain unauthorized write access to repositories. Once inside, they append obfuscated malware to critical project files, including setup.py, main.py, and app.py. This method allows the malicious code to execute automatically when a developer or automated system runs or installs the compromised project.
Scope and Targets of the Attack
The attack is not limited to a single type of project. It targets a broad range of Python-based software, including popular web frameworks like Django, machine learning research code, data dashboard tools such as Streamlit, and packages intended for publication on the Python Package Index (PyPI). This wide net increases the potential impact, as these tools form the foundation for countless applications and services worldwide.
StepSecurity’s analysis indicates the campaign is ongoing and sophisticated. By using legitimate stolen tokens, the attackers can bypass standard security measures that would detect unauthorized login attempts. The forced code commits appear as legitimate updates from authorized users, making them difficult to identify without close scrutiny of the code changes themselves.
Security Implications and Response
The primary danger of this attack lies in its potential to infiltrate software supply chains. If a malicious package is unknowingly integrated into a business application or infrastructure, it could lead to data theft, system compromise, or further network intrusion. Developers who clone and run code from affected repositories are immediately at risk.
In response to the threat, security researchers are urging all GitHub users, especially repository maintainers, to take immediate action. Recommendations include revoking all existing personal access tokens and OAuth authorizations and generating new ones. Enabling two-factor authentication on GitHub accounts is also considered a critical defensive step.
Furthermore, organizations are advised to implement stricter controls on repository write access and to regularly audit commit histories for unauthorized or suspicious changes. Automated security tools that monitor for anomalous repository activity can provide an additional layer of defense against such token-based attacks.
Looking Ahead
Security analysts expect GitHub and other platform providers to issue further guidance and potentially new security features in response to the GlassWorm campaign. The investigation into the origin of the stolen tokens is ongoing, with efforts focused on determining the initial breach vector. Developers and companies are likely to see increased scrutiny of open-source dependencies, with a renewed emphasis on verifying the integrity of code before execution. The incident underscores the persistent vulnerabilities in software supply chains and the continuous need for vigilant security practices in open-source development.
Source: StepSecurity
