Supply-chain attack on a popular Python SBOM tool — eight weeks of stolen credentials
Strategic Summary
A 56-day supply-chain compromise of cyclonedx-py exfiltrated CI/CD environment secrets, particularly cloud OIDC federation tokens, from ~2,300 organizations between March 12 and May 7, 2026. The malicious payload was introduced via a typosquatted dependency from a trusted maintainer account. Recommended response: pin SBOM-tool versions, isolate SBOM generation from secrets, and audit cloud credential usage from CI over the affected window.
Key Findings
- cyclonedx-py backdoored from March 12 to May 7, 2026 — 56-day exposure window.
- Backdoor exfiltrated CI/CD environment variables, with a focus on cloud OIDC tokens.
- ~2,300 organizations ran affected versions during the window (Snyk telemetry).
- Treat all cloud credentials present in CI SBOM runs over that window as compromised.
- Hardening: pin SBOM tool versions and run SBOM generation in a secret-free ephemeral environment.
Full Text
Between March 12 and May 7, 2026, an attacker maintained a backdoor in cyclonedx-py — a widely used Python SBOM generation library — that quietly exfiltrated environment variables containing CI/CD secrets to an attacker-controlled endpoint. The backdoor was introduced via a typosquatted dependency that the maintainer accepted as a contribution from a previously trusted GitHub account.
Snyk Labs identified the malicious code through a routine differential analysis of newly published versions. The exfiltration endpoint resolved to a Cloudflare Worker route that has since been sinkholed in cooperation with Cloudflare's trust and safety team.
We estimate roughly 2,300 organizations were running affected versions during the window. Any AWS, Azure, or GCP credentials present as environment variables during SBOM generation in CI should be considered compromised and rotated. The attacker showed particular interest in OIDC tokens used for cloud federation.
Our recommended response: pin SBOM-tool versions in CI, run SBOM generation in an ephemeral, secret-free environment when possible, and audit cloud credential usage from CI pipelines over the eight-week window for anomalous calls.
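One way to apply the "secret-free environment" recommendation at the process level, as an added example that is not part of the original advisory or of cyclonedx-py: the SBOM step is launched as a child process that receives only an allowlisted set of environment variables. The allowlist, the helper names and the sample CI environment are assumptions made for illustration, and the probe command stands in for the real SBOM invocation.

```python
import json
import os
import subprocess
import sys

# Assumption: the minimal variables the SBOM step needs. Allowlist, not
# denylist, so secret names nobody anticipated are dropped by default.
ALLOWED = {"PATH", "HOME", "LANG", "LC_ALL", "TMPDIR", "VIRTUAL_ENV"}
# Name fragments used only to report what was withheld from the child.
SECRET_HINTS = ("TOKEN", "SECRET", "KEY", "PASSWORD", "CREDENTIAL")

# Constructed CI environment for the demo; every value is fake.
SAMPLE_CI_ENV = {
    "PATH": os.environ.get("PATH", "/usr/bin:/bin"),
    "HOME": "/home/runner",
    "AWS_ACCESS_KEY_ID": "AKIAEXAMPLEEXAMPLE",
    "AWS_SECRET_ACCESS_KEY": "constructed-not-real",
    "AWS_WEB_IDENTITY_TOKEN_FILE": "/tmp/constructed-oidc-token",
    "ACTIONS_ID_TOKEN_REQUEST_TOKEN": "constructed-not-real",
    "GOOGLE_APPLICATION_CREDENTIALS": "/tmp/constructed-sa.json",
}
# Stand-in for the SBOM command: a child that lists the variables it can see.
PROBE = [sys.executable, "-c", "import os, json; print(json.dumps(sorted(os.environ)))"]


def scrub_env(environ, allowed=ALLOWED):
    """Return (child_env, withheld_names) for an allowlisted child process."""
    child = {k: v for k, v in environ.items() if k in allowed}
    withheld = sorted(
        k for k in environ
        if k not in allowed and any(h in k.upper() for h in SECRET_HINTS)
    )
    return child, withheld


def run_isolated(cmd, environ=None):
    """Run cmd with only allowlisted variables; return (stdout, withheld)."""
    child_env, withheld = scrub_env(os.environ if environ is None else environ)
    proc = subprocess.run(cmd, env=child_env, capture_output=True, text=True, check=True)
    return proc.stdout, withheld


def demo():
    """Run the probe under the constructed CI environment."""
    stdout, withheld = run_isolated(PROBE, SAMPLE_CI_ENV)
    return json.loads(stdout), withheld
```

This covers environment variables only. Credential files on disk and instance metadata endpoints still need the separate, ephemeral job the advisory recommends.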