Attackers used a GitHub Actions flaw to backdoor the widely used open-source element-data package, exposing credentials and raising fresh alarms over software supply-chain security.
A supply-chain attack has compromised the open-source Python package element-data, which records more than 1 million monthly downloads, after attackers exploited a flaw in the project’s GitHub Actions workflow to push a malicious release.
The tainted version, 0.23.3, was uploaded to PyPI and Docker and designed to harvest sensitive data, including cloud keys, API tokens, SSH keys, warehouse credentials and .env secrets. The malicious package remained available for about 12 hours before being removed.
According to developers, attackers used a malicious pull request to run a bash script inside a developer account, extracting tokens and signing keys used to publish a near-indistinguishable rogue package.
“Users who installed 0.23.3, or who pulled and ran the affected Docker image, should assume that any credentials accessible to the environment where it ran may have been exposed,” the developers wrote.
The project removed the package within three hours of discovery, rotated credentials, fixed the GitHub Actions flaw, audited related workflows and released safe version 0.23.4, urging users to upgrade immediately and rotate exposed credentials.
The breach spotlights broader risks in open-source repository automation. HD Moore, founder and CEO of runZero, called insecure workflows “a major problem for open source projects with open repos,” adding it is “really hard to not accidentally create dangerous workflows that can be exploited by an attacker’s pull request.”
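The workflow defect Moore describes is most often a privileged `pull_request_target` job that checks out and executes pull-request code while holding repository secrets (the "pwn request" pattern). The scanner below is an added example, not the element-data project's own workflow or tooling, and the article does not say which exact flaw was exploited; the two sample workflows are constructed, and the regexes are a heuristic, not a full YAML parse.

```python
import re

# Constructed sample workflows (hypothetical; not element-data's own files).
UNSAFE_WORKFLOW = """\
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # PR-controlled code
      - run: bash ./scripts/test.sh                          # ...executed with
        env:
          PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}              # ...publishing secrets
"""
SAFE_WORKFLOW = """\
on:
  pull_request:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: bash ./scripts/test.sh
"""

# Events that run in the base repository's context (write token, secrets available).
PRIVILEGED_TRIGGER = re.compile(r"^\s*(pull_request_target|workflow_run|issue_comment)\s*:", re.M)
# Checkout of the pull request head rather than the trusted base commit.
UNTRUSTED_REF = re.compile(r"ref:\s*\$\{\{\s*github\.event\.pull_request\.head\.(sha|ref)\s*\}\}")
SECRET_USE = re.compile(r"\$\{\{\s*secrets\.\w+\s*\}\}")


def find_pwn_request_risks(workflow_text: str) -> list[str]:
    """Return human-readable findings; an empty list means the pattern was not seen."""
    trigger = PRIVILEGED_TRIGGER.search(workflow_text)
    if not trigger:
        return []  # plain pull_request runs unprivileged; fork secrets are withheld
    findings = [f"privileged trigger '{trigger.group(1)}' runs with base-repo permissions"]
    if UNTRUSTED_REF.search(workflow_text):
        findings.append("checks out the PR head: untrusted code runs inside the privileged job")
    if SECRET_USE.search(workflow_text):
        findings.append("step reads repository secrets that PR-supplied scripts could read")
    return findings
```

Run it over `.github/workflows/*.yml` in a repository you maintain; the fix for a flagged file is to split the job so that untrusted PR code runs under a plain `pull_request` trigger and the privileged step only consumes artifacts it validates.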