GlassWorm Malware Campaign Exploits Stolen GitHub Tokens to Infect Python Repositories
Security researchers at StepSecurity have uncovered an active malware campaign, dubbed GlassWorm, which is leveraging stolen GitHub tokens to inject malicious code into a wide range of Python repositories. The attack targets core project files including setup.py, main.py, and app.py across multiple Python ecosystems, such as Django applications, machine learning research code, Streamlit dashboards, and packages on the Python Package Index (PyPI).
The campaign employs obfuscation techniques to evade detection, making it difficult for developers and security teams to identify compromised code. Once executed, the injected payload can enable remote access, facilitate data exfiltration, or further propagate the infection within connected networks and systems.
Given Python’s widespread use in web development, data analytics, and scientific research, the attack poses significant risks to the integrity and security of applications built on these repositories. The primary entry point, stolen GitHub tokens, highlights the growing threat of supply chain attacks, where attackers exploit weak authentication controls to compromise trusted codebases.
StepSecurity has confirmed the campaign’s ongoing activity, emphasizing the need for heightened vigilance in token management and code review processes to mitigate further exposure.
"id": "STRGITTHE1773750273",
"linkid": "streamlit, github-securitylab, thepsf",
"type": "Cyber Attack",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Software Development, Data Analytics, '
'Scientific Research',
'name': 'Python repositories (Django, ML research, '
'Streamlit, PyPI)',
'type': 'Code repositories'}],
'attack_vector': 'Stolen GitHub tokens',
'data_breach': {'data_exfiltration': 'Possible',
'file_types_exposed': ['setup.py', 'main.py', 'app.py'],
'type_of_data_compromised': 'Source code, potential sensitive '
'data via remote access'},
'impact': {'data_compromised': 'Malicious code injection enabling remote '
'access and data exfiltration',
'operational_impact': 'Potential compromise of application '
'integrity and security',
'systems_affected': 'Python repositories (Django applications, '
'machine learning research code, Streamlit '
'dashboards, PyPI packages)'},
'initial_access_broker': {'entry_point': 'Stolen GitHub tokens'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Need for heightened vigilance in token management and '
'code review processes to mitigate supply chain attacks.',
'post_incident_analysis': {'root_causes': 'Exploitation of weak '
'authentication controls (stolen '
'GitHub tokens)'},
'recommendations': 'Improve GitHub token security, enhance code review '
'processes, and monitor for obfuscated malicious code.',
'references': [{'source': 'StepSecurity'}],
'response': {'third_party_assistance': 'StepSecurity'},
'title': 'GlassWorm Malware Campaign Exploits Stolen GitHub Tokens to Infect '
'Python Repositories',
'type': 'Malware Campaign'}