Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2811 articles · 175088 vulns · 37/41 feeds (7d)
← Back to list
EST
PRE-CVEEXPLOITED

Malicious Python Package Supply Chain Attacks

60% confidence

Description

Exploitation of Python's packaging ecosystem through malicious packages hosted on repositories like PyPI or custom servers, enabling payload execution during installation without user interaction. Threat actors abuse the trust in package ecosystems to compromise developer infrastructure.

Related News (1 articles)

Tier C
Cisco Talos3h ago
The serpent’s tongue: Luring the Python out of its den
→ No new info (linked only)
CISA KEV❌ No
Actively exploited✅ Yes
PublishedJul 14, 2026
Last enriched2h ago
Tags
supply chain attackpythonmalicious packages
Trending Score40
Source articles1
Independent1
Info Completeness3/14
Missing: cve_id, vendor, product, versions, cvss, epss, cwe, kev, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Pin to Dashboard

Verification

State: reported
Confidence: 60%

Vulnerability Timeline

CVE Published
Jul 14, 2026
Actively Exploited
Jul 14, 2026
Exploit Available
Jul 14, 2026
Discovered by ZDM
Jul 14, 2026