The phishing wave hasn’t stopped. It has only shifted.
This week, PyPI users are the target. Attackers are sending emails that look official, asking recipients to “verify their email address” for “account maintenance and security procedures.”
The message warns of suspension if ignored. The link, however, points to pypi-mirror.org, a domain unaffiliated with PyPI or the Python Software Foundation.
If you clicked and entered your credentials, act fast: change your PyPI password and review your Security History for unusual activity. Any signs of compromise should be reported to [email protected].
The tactic isn’t new. Earlier this year, PyPI saw a nearly identical campaign, and other open source repositories have been targeted with the same trick. The pattern is clear. Bad actors will keep registering fresh domains and sending convincing emails until they hit enough victims.
What PyPI is Doing
Stopping phishing isn’t straightforward. Only phishing-resistant two-factor authentication, like hardware tokens, could cut these attacks off completely. In the meantime, PyPI maintainers are:
- Working with registrars and CDNs to shut down malicious domains.
- Adding phishing sites to blocklists so browsers warn users before they click.
- Coordinating with other package managers for faster takedowns.
- Exploring stronger TOTP protections against phishing.
What Maintainers Can Do
Maintainers have their own role in slowing the spread:
- Never click links in unexpected emails.
- Rely on password managers with domain-based autofill—if it doesn’t trigger, be suspicious.
- Use hardware keys or other phishing-resistant 2FA.
- When unsure, ask for help and share suspicious emails.
- Spread the word. PyPI isn’t the only open source service in the crosshairs.
The attacks are simple, but the defense requires discipline. Phishing thrives on haste and trust. Slow down, verify, and keep your guard up.
A High-Severity Supply Chain Risk
Jason Soroko, Senior Fellow at Sectigo, says this is a high-severity supply chain risk. “A single compromised maintainer account can seed malware into widely used packages and the blast radius extends to CI systems and production.
“The lure uses convincing language and lookalike domains that defeat quick visual checks, so even seasoned developers can be caught. Because open source ecosystems are highly transitive, one tainted update can cascade through thousands of downstream builds in hours. Treat it as a credible attempt to weaponize software distribution and not just another phishing wave,” he adds.
Soroko advises that organizations harden publishing identities and pipelines now. “Require phishing-resistant MFA with passkeys or hardware security keys on PyPI and source control accounts and remove SMS.”
Prefer Trusted Publishing or OIDC-based releases to avoid long-lived API tokens and restrict who can release, he says.
“Enforce pre-publish reviews and change control, rotate tokens, and monitor PyPI Security History and CI logs for anomalous actions. Pin dependencies with hashes, maintain lockfiles, and alert on unexpected package names or registries in build manifests. Train maintainers to navigate directly to pypi.org instead of using email links and prepare a rollback and token rotation playbook in case a maintainer account is compromised.”
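As an added illustration of the manifest checks Soroko describes (not code from the article, PyPI or Sectigo), the script below audits a pip-style requirements file for registries outside an allowlist of pypi.org hosts, requirement lines with no hash pin, and package names outside the project's expected set; the sample manifest and its digests are constructed placeholders.

```python
"""Audit a pip requirements manifest for unexpected registries, missing
hash pins and unexpected package names (constructed example)."""
import re
from urllib.parse import urlsplit

# Hosts a build is expected to fetch from. The lookalike pypi-mirror.org from
# the phishing campaign fails this check because it compares the exact host,
# not how similar the name looks.
ALLOWED_INDEX_HOSTS = {"pypi.org", "files.pythonhosted.org"}
_NAME_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")


def host_allowed(url, allowed=ALLOWED_INDEX_HOSTS):
    """True only if the URL's host is an allowed host or a subdomain of one."""
    host = (urlsplit(url).hostname or "").lower()  # userinfo tricks are stripped
    return any(host == a or host.endswith("." + a) for a in allowed)


def audit_requirements(text, expected_packages):
    """Return findings for a requirements.txt-style manifest, in file order."""
    findings = []
    logical = text.replace("\\\n", " ")  # join backslash-continued hash lines
    for raw in logical.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.startswith(("--index-url", "--extra-index-url", "-i ")):
            url = re.split(r"[ =]+", line, maxsplit=1)[1]  # "--opt URL" or "--opt=URL"
            if not host_allowed(url):
                findings.append(f"unexpected registry: {url}")
            continue
        match = _NAME_RE.match(line)
        if not match:
            findings.append(f"unparseable line: {line}")
            continue
        pkg = match.group(1).lower().replace("_", "-")
        if pkg not in expected_packages:
            findings.append(f"unexpected package: {pkg}")
        if "--hash=sha256:" not in line:
            findings.append(f"no hash pin: {pkg}")
    return findings


_FAKE = "0" * 64  # placeholder digest, not a real package hash
SAMPLE_MANIFEST = (  # constructed sample: lookalike index, one unpinned, one typosquat-style name
    "--index-url https://pypi-mirror.org/simple\n"
    "requests==2.32.3 \\\n"
    f"    --hash=sha256:{_FAKE}\n"
    "urllib3==2.2.2\n"
    f"requestz==0.1.0 --hash=sha256:{_FAKE}\n"
)

if __name__ == "__main__":
    for finding in audit_requirements(SAMPLE_MANIFEST, {"requests", "urllib3"}):
        print("ALERT:", finding)
```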
Build Resilience
Shane Barney, Chief Information Security Officer at Keeper Security, adds that phishing isn’t going away – it’s evolving. “Attackers will always find new domains to mimic, but organizations can make those attempts far less effective. The goal for security leaders isn’t to chase every domain, but to build resilience so one bad click doesn’t become a breach.”
That starts with enforcing phishing-resistant MFA, like YubiKeys, for developers and admins, adds Barney. “Pairing that with password managers that auto-fill only on trusted domains closes off the most common entry points. On the enterprise side, privileged access management is the failsafe – enforcing least privilege, limiting lateral movement, and monitoring activity so that even if malicious code slips through, it can’t run unchecked. It’s not about eliminating risk, it’s about putting enough guardrails in place that a single compromised credential doesn’t cascade into a larger incident.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.