Anatomy of a Phishing Campaign - Mike Fiedler, Python Software Foundation

OpenSSF, May 29, 2026

Why It Matters

The breach demonstrates how a single compromised maintainer can weaponize the open‑source supply chain, making robust authentication and funded security operations essential for protecting the broader software ecosystem.

Key Takeaways

  • Phishing emails mimicked PyPI, using a one-character URL difference.
  • The attack leveraged compromised maintainer credentials to publish malicious packages.
  • WebAuthn prevented most credential theft; TOTP was insufficient against session cookie theft.
  • PyPI responded by revoking tokens, removing packages, and issuing advisories.
  • Funding gaps limit 24/7 security response for open‑source registries.

Summary

Mike Fiedler of the Python Software Foundation walked the audience through a recent phishing campaign that targeted PyPI maintainers, illustrating how attackers spoofed official PyPI communications with a single‑character URL alteration and a man‑in‑the‑middle proxy to harvest credentials. The talk highlighted PyPI’s massive scale—13 billion daily requests, over a million accounts, and 900 new packages per day—making it a high‑value supply‑chain target. Attackers sent near‑identical emails, tricked four maintainers into entering credentials, captured session cookies, and published a malicious version of the popular num2words package, which could infiltrate downstream projects like Hugging Face Transformers. Fiedler emphasized that WebAuthn (passkeys) stopped most compromises, while traditional TOTP codes were still vulnerable once a session cookie was obtained. He quoted, “keep the 100,000‑lb open source truck from rolling off a cliff,” and described the rapid response: revoking API tokens, removing the rogue releases, issuing public advisories, and coordinating with NPM and RubyGems. The incident underscores the need for stronger authentication defaults, better abuse‑report handling, and dedicated, funded security teams for open‑source registries, as reliance on volunteer staff leaves critical infrastructure exposed.

Original Description

Keynote: Anatomy of a Phishing Campaign - Mike Fiedler, Python Software Foundation
In July 2025, PyPI users received emails directing them to another site - a near-perfect clone transparently proxying requests to pypi.org. Within hours, attackers compromised four accounts and uploaded malicious releases of the popular num2words package.
This talk dissects the complete attack chain: how attackers harvested email addresses from public package metadata, built a transparent proxy that relayed TOTP codes in real-time, and why traditional 2FA failed while WebAuthn-based authentication stopped the attack cold.
The session covers the incident response timeline, challenges getting malicious infrastructure taken down (including initial rejection of abuse reports), and defensive measures deployed afterward—including new email verification for TOTP logins from unrecognized devices.
Attendees will learn exactly how modern phishing attacks work against package repositories, the critical difference between "phishable" and "phishing-resistant" 2FA, and practical steps to protect accounts and packages from the next campaign. The talk also examines the September 2025 follow-up campaign targeting another domain and patterns across these ongoing attacks.
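The "phishable" versus "phishing-resistant" distinction above comes down to what the server can check. As an added example (not code from the talk or from PyPI), the relying-party checks below let a TOTP code relayed through a transparent proxy pass while a WebAuthn assertion produced on the lookalike origin fails; the lookalike origin, challenge and TOTP code are constructed placeholders.

```python
import hashlib
import json

# Genuine relying party named in the talk; the lookalike origin is a constructed
# placeholder standing in for the one-character-off phishing domain.
RP_ID = "pypi.org"
RP_ORIGIN = "https://pypi.org"
PHISH_ORIGIN = "https://pypi.example"          # constructed placeholder
CHALLENGE = "c2VydmVyLWNoYWxsZW5nZQ"           # constructed challenge from the RP

def browser_makes_assertion(visited_origin: str, challenge: str) -> tuple[bytes, bytes]:
    """Simulate browser + authenticator output. The browser, not page script, fills in
    `origin`, and the authenticator hashes the RP ID it was invoked for; a page served
    through a proxy on another domain can change neither."""
    client_data = {"type": "webauthn.get", "challenge": challenge, "origin": visited_origin}
    rp_id = visited_origin.removeprefix("https://")
    auth_data = hashlib.sha256(rp_id.encode()).digest() + b"\x05" + b"\x00" * 4
    return json.dumps(client_data).encode(), auth_data

def verify_totp(relayed_code: str, expected_code: str) -> bool:
    """TOTP carries no notion of where it was typed: a proxy relaying the victim's
    code within its validity window passes this check unchanged."""
    return relayed_code == expected_code

def verify_webauthn(client_data_json: bytes, auth_data: bytes, challenge: str) -> bool:
    """Relying-party checks that make WebAuthn phishing-resistant. (A real RP also
    verifies the signature over auth_data || sha256(client_data_json).)"""
    client_data = json.loads(client_data_json)
    if client_data.get("type") != "webauthn.get":
        return False
    if client_data.get("challenge") != challenge:
        return False                        # replayed or mismatched ceremony
    if client_data.get("origin") != RP_ORIGIN:
        return False                        # assertion was made on another origin
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False                        # authenticator bound to another RP ID
    return True

def proxied_totp_login() -> bool:
    # Victim types the code on the lookalike; the proxy forwards it to pypi.org.
    return verify_totp(relayed_code="492817", expected_code="492817")

def proxied_webauthn_login() -> bool:
    # Same relay, but the assertion carries the origin the victim actually visited.
    cdj, ad = browser_makes_assertion(PHISH_ORIGIN, CHALLENGE)
    return verify_webauthn(cdj, ad, CHALLENGE)

def direct_webauthn_login() -> bool:
    cdj, ad = browser_makes_assertion(RP_ORIGIN, CHALLENGE)
    return verify_webauthn(cdj, ad, CHALLENGE)
```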
