Advisories for Pypi/Ctx package

2022

Embedded Malicious Code in ctx

The ctx hosted project on PyPI was taken over via user account compromise and replaced with a malicious project which contained runtime code which collected the content of os.environ.items() when instantiating Ctx objects.

Malware in ctx

The ctx hosted project on PyPI was taken over via user account compromise and replaced with a malicious project which contained runtime code that collected the content of os.environ.items() when instantiating Ctx objects. The captured environment variables were sent as a base64 encoded query parameter to a heroku application running at https://anti-theft-web.herokuapp.com. If you installed the package between May 14, 2022 and May 24, 2022, and your environment variables contain …