Our Take
Supply chain attacks now routinely hit packages with millions of downloads, making credential rotation a monthly hygiene task.
Why it matters
CI/CD runners are especially exposed because they mount broad sets of secrets at runtime. Any team running automated pipelines needs immediate incident response protocols for compromised dependencies.
Do this week
DevOps teams: Check for /tmp/.trinny-security-update on all machines and rotate all credentials accessible from environments where elementary-data 0.23.3 ran.
Elementary-data 0.23.3 shipped credential-stealing malware
The popular Python package elementary-data, with 1 million monthly downloads, shipped malicious code in version 0.23.3 that stole user credentials. The compromised version created marker files at /tmp/.trinny-security-update on macOS/Linux and %TEMP%\.trinny-security-update on Windows to indicate successful payload execution.
Developers have released version 0.23.4 as a clean replacement. The malware specifically targeted dbt profiles, warehouse credentials, cloud provider keys, API tokens, SSH keys, and contents of .env files from infected environments.
CI/CD pipelines amplify the damage
CI/CD runners face the highest exposure risk because they typically mount broad sets of secrets at runtime. A single compromised package can access production database credentials, cloud provider keys, and API tokens across an organization's entire deployment pipeline.
HD Moore, founder and CEO of runZero with four decades of security experience, identified GitHub Actions workflows as particularly vulnerable. "It's really hard to not accidentally create dangerous workflows that can be exploited by an attacker's pull request," Moore said. Supply chain attacks on open source repositories have become increasingly common over the past decade, often creating chains of compromise from package to user environment to downstream systems.
Immediate response checklist
First, check your installed version with pip show elementary-data | grep Version. If you find version 0.23.3, uninstall it immediately and replace it with version 0.23.4. Update your requirements and lockfiles to pin explicitly to elementary-data==0.23.4, and clear the pip cache so the compromised wheel cannot be reinstalled from a cached copy.
Search for the malware's marker files on any machine where the CLI may have run. If present, the payload executed successfully on that system. Most critically, rotate any credentials accessible from environments where version 0.23.3 ran, including all database connections, cloud provider access keys, and API tokens.
Contact your security team to hunt for unauthorized usage of exposed credentials using the indicators of compromise from the incident report. The broad download base means this compromise likely affected thousands of organizations simultaneously.
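The two host checks from the checklist above, the installed-version check and the marker-file search, as one read-only triage script. This is an added example, not code from the advisory or the elementary-data project; it assumes a POSIX shell, pip on PATH for the interpreter that ran the CLI, and a Unix-style temp directory (the Windows path is noted in a comment only).

```shell
#!/bin/sh
# Added triage helper (not from the advisory): checks one host for the two
# indicators the checklist names, the installed elementary-data version and
# the marker file. Read-only; removal and credential rotation stay manual.

BAD_VERSION="0.23.3"
FIXED_VERSION="0.23.4"
MARKER_NAME=".trinny-security-update"   # under %TEMP% on Windows, /tmp on macOS/Linux

# Pull the Version: field out of `pip show` output read from stdin.
parse_pip_version() {
    sed -n 's/^Version:[[:space:]]*//p' | head -n 1
}

# Succeeds (exit 0) when the version string is the compromised release.
is_compromised_version() {
    [ "$1" = "$BAD_VERSION" ]
}

# Succeeds when the marker file exists under the given temp directory.
marker_present() {
    [ -e "$1/$MARKER_NAME" ]
}

# Runs both checks against this host. Exit 0 = no indicator found,
# exit 1 = compromised version and/or marker present (treat as an incident).
triage_host() {
    tmpdir="${TMPDIR:-/tmp}"
    hit=0
    ver=$(pip show elementary-data 2>/dev/null | parse_pip_version)
    if [ -z "$ver" ]; then
        echo "elementary-data: not installed for this interpreter"
    elif is_compromised_version "$ver"; then
        echo "elementary-data $ver INSTALLED: pin to ==$FIXED_VERSION and purge the pip cache"
        hit=1
    else
        echo "elementary-data $ver installed (not the compromised release)"
    fi
    if marker_present "$tmpdir"; then
        echo "marker $tmpdir/$MARKER_NAME PRESENT: payload ran here, rotate every credential this host could reach"
        hit=1
    else
        echo "no marker under $tmpdir"
    fi
    return "$hit"
}

triage_host
```

Run it under each user account and each Python interpreter that may have executed the CLI, since pip show only reports the environment it is invoked from.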