#ghcr

1 analyses tagged ghcr, sorted newest first.

critical 6 sources
elementary-data PyPI and GHCR GitHub Actions Compromise
A malicious `elementary-data==0.23.3` release was pushed to PyPI and GHCR after attackers exploited a GitHub Actions script-injection path, adding an interpreter-startup `.pth` infostealer.

#pypi #github-actions #ghcr #supply-chain #credential-theft

2026-04-25