Another supply-chain attack: elementary-data Python package compromised (arstechnica.com)

🤖 AI Summary
The open-source Python package elementary-data, which has over a million monthly downloads, was compromised after attackers exploited a vulnerability in the developers' GitHub workflow, gaining access to sensitive signing keys and account credentials. On Friday, the threat actor published a malicious version of the package (tagged as 0.23.3) that extracted sensitive information, including user profiles and API tokens, from any system that ran it. Though the malicious package was removed within 12 hours of its publication, users are advised to assume their credentials could be compromised. This incident highlights significant security risks in open-source software supply chains, especially as many organizations rely on such packages for machine learning performance monitoring. The breach occurred due to an exploit in a GitHub Action, allowing unauthorized code execution in the developers' account. In response, the developers quickly rotated credentials, fixed the vulnerability, and conducted a thorough audit of their GitHub Actions. This serves as a critical reminder for the AI/ML community to prioritize security practices within their package management workflows to prevent similar attacks in the future.