GlassWorm Campaign Injects Malware into Hundreds of Python Repositories via Stolen GitHub Tokens
What Happened — Threat researchers observed the GlassWorm malware family using stolen GitHub personal‑access tokens to force‑push obfuscated malicious code into Python projects. The payload is appended to common entry‑point files such as setup.py, main.py and app.py across Django apps, machine‑learning research code, Streamlit dashboards, and PyPI packages.
Why It Matters for TPRM —
- Supply‑chain risk: compromised open‑source libraries can propagate malicious code to downstream customers.
- Credential exposure: stolen developer tokens give attackers write access to repositories, bypassing traditional perimeter controls.
- Broad impact: any organization that builds on or consumes affected Python packages may inherit the malware.
Who Is Affected — Technology and SaaS, cloud‑infrastructure providers, financial services, healthcare, research institutions, and any other sector that relies on third‑party Python code.
Recommended Actions —
- Conduct an inventory of all third‑party Python dependencies and verify their integrity.
- Enforce strict token policies: least‑privilege scopes, short‑lived tokens, and regular rotation.
- Enable signed commits and enforce branch‑protection rules on critical repositories.
- Deploy repository‑monitoring tools to detect unauthorized force‑pushes or anomalous commit activity.
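As an added illustration of the monitoring and integrity checks recommended above, the following script was written for this brief; it is not code from the researchers, The Hacker News, or any affected project. It does two things: triages a GitHub push webhook payload (using the documented `ref`, `forced` and `commits[].added/modified` fields) to flag force‑pushes and changes to the entry‑point files the campaign targets, and scans a Python source file for generic signs of appended obfuscated code (exec/eval with decoders, very long lines, high‑entropy literals, invisible Unicode). The heuristics and thresholds are assumptions chosen for illustration, not published GlassWorm signatures, and all sample inputs are constructed placeholders.

```python
import base64
import math
import re
from collections import Counter

# Entry-point files named in the advisory as the ones the campaign appends to.
ENTRY_POINT_FILES = {"setup.py", "main.py", "app.py"}

# Generic obfuscation indicators (assumption: common packing idioms, not
# published GlassWorm signatures).
OBFUSCATION_PATTERNS = [
    ("exec", re.compile(r"\bexec\s*\(")),
    ("eval", re.compile(r"\beval\s*\(")),
    ("decode", re.compile(r"b64decode|a85decode|zlib\.decompress|codecs\.decode")),
    ("dynamic-import", re.compile(r"__import__\s*\(")),
]
MAX_LINE_LENGTH = 500          # assumption: benign entry points rarely exceed this
HIGH_ENTROPY_THRESHOLD = 4.5   # bits per character; packed base64 blobs sit above this
INVISIBLE_CHARS = ("\u200b", "\u200c", "\u200d", "\u2060", "\ufeff")


def shannon_entropy(text: str) -> float:
    """Bits of entropy per character; used to spot packed payload literals."""
    if not text:
        return 0.0
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in Counter(text).values())


def scan_source(source: str) -> list:
    """Return one finding per suspicious line: {"line": n, "reasons": [...]}."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        reasons = [name for name, pat in OBFUSCATION_PATTERNS if pat.search(line)]
        if len(line) > MAX_LINE_LENGTH:
            reasons.append("long-line")
        # Long base64-looking literals with high entropy resemble packed payloads.
        for literal in re.findall(r"['\"]([A-Za-z0-9+/=]{64,})['\"]", line):
            if shannon_entropy(literal) > HIGH_ENTROPY_THRESHOLD:
                reasons.append("high-entropy-literal")
                break
        if any(ch in line for ch in INVISIBLE_CHARS):
            reasons.append("invisible-unicode")
        if reasons:
            findings.append({"line": lineno, "reasons": reasons})
    return findings


def triage_push_event(event: dict) -> dict:
    """Triage a GitHub push webhook payload: forced pushes and touched entry points."""
    touched = set()
    for commit in event.get("commits", []):
        for key in ("added", "modified"):
            for path in commit.get(key, []):
                if path.rsplit("/", 1)[-1] in ENTRY_POINT_FILES:
                    touched.add(path)
    forced = bool(event.get("forced", False))
    return {
        "ref": event.get("ref", ""),
        "forced": forced,
        "entry_points_touched": sorted(touched),
        "needs_review": forced or bool(touched),
    }


# --- constructed samples (placeholders, not real GlassWorm artifacts) --------
CLEAN_SETUP_PY = (
    'from setuptools import setup\n\n'
    'setup(name="demo", version="0.1.0", packages=["demo"])\n'
)
# Harmless stand-in for an appended payload: base64 of a print() call.
_PLACEHOLDER = base64.b64encode(
    b"print('constructed placeholder payload, not malware')").decode()
TAMPERED_SETUP_PY = CLEAN_SETUP_PY + (
    f'import base64\nexec(base64.b64decode("{_PLACEHOLDER}"))\n'
)

FORCED_PUSH_EVENT = {   # constructed: shape follows GitHub's push webhook fields
    "ref": "refs/heads/main",
    "forced": True,
    "pusher": {"name": "example-dev"},
    "commits": [{"id": "0" * 40, "added": [],
                 "modified": ["setup.py", "src/demo/util.py"]}],
}
ROUTINE_PUSH_EVENT = {
    "ref": "refs/heads/feature/docs",
    "forced": False,
    "commits": [{"id": "1" * 40, "added": ["docs/guide.md"],
                 "modified": ["README.md"]}],
}

if __name__ == "__main__":
    print("clean:", scan_source(CLEAN_SETUP_PY))
    print("tampered:", scan_source(TAMPERED_SETUP_PY))
    print("forced push:", triage_push_event(FORCED_PUSH_EVENT))
    print("routine push:", triage_push_event(ROUTINE_PUSH_EVENT))
```

In practice `triage_push_event` would sit behind a webhook receiver and `scan_source` would run over the files it flags, with a finding on a protected branch routed to the security team rather than silently logged; the pattern list is a starting point to tune against the repository's own benign code.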
Technical Notes — Attack vector: stolen GitHub tokens (likely obtained via phishing or credential dumping). No public CVE is associated with this campaign. The malicious code is obfuscated and executes when the compromised Python package is installed or run. Data involved: source‑code files and any secrets embedded in them. Source: The Hacker News