Zc.buildout bootstrap.py domain-takeover risk security flaw
Vulnerability
Summary
Legacy zc.buildout bootstrap.py files in multiple PyPI packages still reach python-distribute[.]org, creating a supply-chain compromise risk if the domain is taken over. The script can fetch and execute distribute_setup.py, so a developer who runs it could pull attacker-controlled code into the build path. Affected packages named in the disclosure include tornado, pypiserver, slapos.core, roman, xlutils, and testfixtures.
Related Happenings
Shai-Hulud supply-chain campaign spreading via stolen CI/CD credentials
Campaign
First: 12.05.2026 14:29
Last: 12.05.2026 14:29
Sources 1
About this happening:
The **Shai-Hulud** **supply-chain campaign** remains active across **npm**, **PyPI**, and **Composer**, with the latest reporting tying **TeamPCP** to both a claimed **GitHub inte...
Mini Shai-Hulud SAP-related npm supply-chain campaign
Campaign
First: 29.04.2026 19:26
Last: 29.04.2026 19:26
Sources 1
About this happening:
A new **Mini Shai-Hulud** supply-chain campaign is targeting **SAP-related npm packages**, putting **developer and CI/CD environments** at risk of credential theft and malicious p...
Latest development: 12.05.2026 11:50
Mini Shai-Hulud expands beyond the original SAP-related npm packages to compromise TanStack, UiPath, Mistral AI, OpenSearch, Guardrails AI, and DraftLab packages across npm and PyPI, with malicious payloads using router_init.js, GitHub Actions abuse, and exfiltration to filev2.getsession[.]org, api.masscan[.]cloud, or attacker-controlled GitHub repositories.
Famous Chollima PromptMink supply-chain campaign targeting Web3 developers
Campaign
First: 29.04.2026 17:43
Last: 29.04.2026 17:43
Sources 1
About this happening:
The **PromptMink** campaign is widening **Famous Chollima**'s supply-chain intrusion playbook by pushing **tainted npm packages** into developer environments and stealing secrets....
Shifty Corsair evolves open-source supply-chain tradecraft with fake firms, layered packages, and AI-assisted deception
Threat Actor Meta
First: 29.04.2026 17:43
Last: 29.04.2026 17:43
Sources 1
About this happening:
**Shifty Corsair** has expanded its operating model into a more convincing developer-lure ecosystem, increasing the risk of open-source supply-chain compromise against **Web3** ta...
UNC1069 Axios npm supply-chain campaign targeting build pipelines
Campaign
First: 01.04.2026 10:44
Last: 01.04.2026 10:44
Sources 1
About this happening:
The **Axios npm supply-chain compromise** has been tied to **UNC1069**, putting **npm consumers** and downstream **build pipelines** at risk from trojanized releases. Attackers se...
Latest development: 13.04.2026 20:39
OpenAI is revoking and rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a compromised Axios package version 1.14.1 during a March 31, 2026 supply-chain attack. The workflow had access to certificates used to sign ChatGPT Desktop, Codex, Codex CLI, and Atlas, and OpenAI says it found no evidence that user data, systems, intellectual property, or the signing certificate were compromised.
Timeline
- 28.11.2025 18:27 · 2 articles
ReversingLabs identifies legacy zc.buildout bootstrap risk
Initial Disclosure: ReversingLabs identified legacy zc.buildout bootstrap.py files in PyPI packages that still reference python-distribute[.]org and can download and execute distribute_setup.py, leaving a hard-coded external dependency that could be abused through a domain takeover. The named packages include tornado, pypiserver, slapos.core, roman, xlutils, and testfixtures, and slapos.core and Tornado development or maintenance versions still ship the vulnerable code.
- Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages — thehackernews.com — 28.11.2025 18:27
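A scanner for the pattern the disclosure describes (a Python file that reaches python-distribute.org and fetches or executes distribute_setup.py), added here as an example for defenders auditing their own checkouts; it is not ReversingLabs' tooling and not code from any of the listed packages. The sample files it scans are constructed, and the list of fetch/exec idioms and the verdict wording are assumptions to tune for your own code base.

```python
"""Find legacy zc.buildout-style bootstrap scripts that still depend on the
dead python-distribute.org domain, rating each hit by whether the file also
shows a download-and-execute idiom.  Added example, not the project's code."""
import os
import re
import tempfile
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Indicators named in the disclosure: the abandoned domain (plain or defanged
# form, so stale docs are caught too) and the script it used to serve.
LEGACY_HOST = re.compile(r"python-distribute(?:\[\.\]|\.)org", re.IGNORECASE)
LEGACY_SCRIPT = re.compile(r"\bdistribute_setup(?:\.py)?\b")
# Download-and-run idioms that turn a stale reference into a code-execution
# risk (assumption: extend for your own code base).
FETCH_EXEC = re.compile(r"\b(urlopen|urlretrieve|exec|execfile|subprocess|os\.system)\b")


@dataclass
class Finding:
    path: str
    line_no: int
    indicator: str  # "legacy-host", "distribute-script" or "fetch-exec"
    text: str


def scan_file(path: str) -> List[Finding]:
    """Return one Finding per (line, indicator) hit in a single Python file."""
    findings: List[Finding] = []
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        for n, line in enumerate(fh, start=1):
            for name, pattern in (("legacy-host", LEGACY_HOST),
                                  ("distribute-script", LEGACY_SCRIPT),
                                  ("fetch-exec", FETCH_EXEC)):
                if pattern.search(line):
                    findings.append(Finding(path, n, name, line.rstrip()))
    return findings


def verdict(findings: List[Finding]) -> Optional[str]:
    """Dead host plus a fetch/exec or distribute_setup reference is the
    download-and-execute pattern; the host alone is still a stale dependency."""
    kinds = {f.indicator for f in findings}
    if "legacy-host" not in kinds:
        return None
    if kinds & {"distribute-script", "fetch-exec"}:
        return "download-and-execute risk"
    return "stale reference to dead domain"


def scan_tree(root: str) -> Dict[str, Tuple[str, List[Finding]]]:
    """Walk root and report every .py file whose verdict is not None,
    keyed by its path relative to root (forward slashes)."""
    report: Dict[str, Tuple[str, List[Finding]]] = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            if not name.endswith(".py"):
                continue
            path = os.path.join(dirpath, name)
            findings = scan_file(path)
            rating = verdict(findings)
            if rating:
                rel = os.path.relpath(path, root).replace(os.sep, "/")
                report[rel] = (rating, findings)
    return report


# Constructed sample files; none is the real bootstrap.py of any listed package.
LEGACY_BOOTSTRAP = (
    "# constructed: legacy-style bootstrap that fetches and runs remote code\n"
    "from urllib2 import urlopen\n"
    "exec(urlopen('http://python-distribute.org/distribute_setup.py').read())\n"
)
MODERN_BOOTSTRAP = (
    "# constructed: bootstrap that relies on an installed setuptools instead\n"
    "import setuptools\n"
    "print('setuptools', setuptools.__version__)\n"
)
STALE_COMMENT = (
    "# constructed: only a leftover comment mentioning python-distribute.org\n"
    "VERSION = '1.0'\n"
)


def build_sample_tree() -> str:
    """Write the constructed samples into a temp dir shaped like a checkout."""
    root = tempfile.mkdtemp(prefix="bootstrap-scan-")
    for rel, body in (("legacy/bootstrap.py", LEGACY_BOOTSTRAP),
                      ("modern/bootstrap.py", MODERN_BOOTSTRAP),
                      ("stale/setup.py", STALE_COMMENT)):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    for rel, (rating, hits) in sorted(scan_tree(build_sample_tree()).items()):
        print(f"{rel}: {rating}")
        for h in hits:
            print(f"  line {h.line_no} [{h.indicator}] {h.text}")
```

Run it against a real checkout by calling `scan_tree("/path/to/package")` instead of the sample tree; files rated "download-and-execute risk" are the ones to rewrite so that no build step fetches code from a domain the project no longer controls, while "stale reference" hits are cleanup candidates.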