Python developers targeted in phishing campaign against PyPI repository
Take action: If you're a Python developer using PyPI, never click links in emails claiming to be from PyPI - always navigate directly to pypi.org through your bookmarks or by typing the address. Enable phishing-resistant two-factor authentication (a hardware security key or another WebAuthn authenticator). If you've already clicked a suspicious link and entered credentials, immediately change your password and check your account's Security History for unauthorized activity.
The Python Software Foundation has issued urgent warnings about an ongoing phishing campaign targeting Python developers who use the Python Package Index (PyPI).
The attackers aim to take over developer accounts so they can publish malicious releases of packages that users already trust. The targets are developers who have published projects on PyPI and whose email addresses appear in package metadata, which is public and easy to harvest.
PyPI serves as the default source for Python's package management tools and hosts hundreds of thousands of packages, providing developers with a centralized platform to distribute third-party software libraries. The repository is a cornerstone of the Python ecosystem, making it a high-value target for cybercriminals seeking to execute supply chain attacks.
The phishing campaign has evolved through multiple waves:
- in July 2025, threat actors initiated attacks using the fraudulent domain pypj[.]org, a typosquat in which the lowercase "j" is easily mistaken for the "i" of the legitimate pypi.org domain.
- in September 2025, the campaign resurfaced with a new fraudulent domain, pypi-mirror[.]org, continuing the pattern of impersonation attacks.
Targeted developers receive emails with the subject line "[PyPI] Email verification" from spoofed addresses such as noreply@pypj[.]org or similar variants. The emails ask recipients to "verify their email address" for "account maintenance and security procedures" and threaten account suspension if they fail to comply within a specified timeframe, typically 72 hours.
The emails contain malicious links that redirect victims to carefully crafted phishing sites that mimic the authentic PyPI interface.
When users enter their credentials on the fake site, the phishing platform captures them and simultaneously forwards the login to the legitimate PyPI servers, acting as a reverse proxy between the victim and pypi.org. The victim appears to have logged into the real PyPI, which can delay detection of the compromise. A relay of this kind can also pass along a one-time code typed into the fake page, so app-based or SMS 2FA does not by itself defeat it; only authentication that is bound to the origin the browser is actually on does.
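Before clicking, the decisive question is which host a link actually goes to, not what its text says. The following triage script is an added example and is not part of the PSF's advisory or PyPI's code: it parses the links out of an HTML mail body and flags every one that does not land on pypi.org, giving the reasons a practitioner would look for (a one-character typosquat, the "pypi" brand string inside an unrelated domain, a non-ASCII homoglyph host, and link text that says pypi.org while the href goes elsewhere). The sample email is constructed here to resemble the campaign's lure; the pypj[.]org and pypi-mirror[.]org hosts are the ones named above, the Cyrillic-i host is a hypothetical variant added to show the IDN check.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

LEGIT_HOST = "pypi.org"  # the only host a genuine PyPI link should land on


class _LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML mail body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None


def edit_distance(a, b):
    """Levenshtein distance; a value of 1 or 2 against pypi.org means a typosquat."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(url):
    """Lower-cased hostname of a URL; a schemeless 'pypj.org/x' is handled too."""
    parts = urlsplit(url if "://" in url else "//" + url)
    return (parts.hostname or "").lower().rstrip(".")


def is_legit(host):
    # exact match or a real subdomain; 'pypi.org.evil.com' does not qualify
    return host == LEGIT_HOST or host.endswith("." + LEGIT_HOST)


def triage_links(html_body):
    """Return one finding per link that does not go to pypi.org, with reasons."""
    parser = _LinkExtractor()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        host = host_of(href)
        if is_legit(host):
            continue
        reasons = []
        dist = edit_distance(host, LEGIT_HOST)
        if dist <= 2:
            reasons.append(f"lookalike of {LEGIT_HOST} (edit distance {dist})")
        if "pypi" in host:
            reasons.append("uses the 'pypi' brand string in an unrelated domain")
        if not host.isascii():
            try:
                puny = host.encode("idna").decode()
            except UnicodeError:
                puny = "?"
            reasons.append(f"non-ASCII host (possible homoglyph), punycode {puny}")
        if LEGIT_HOST in text.lower():
            reasons.append(f"visible text says {text!r} but href goes to {host}")
        if not reasons:
            reasons.append(f"not {LEGIT_HOST}")
        findings.append({"href": href, "host": host, "reasons": reasons})
    return findings


# Constructed sample modelled on the campaign's lure; not a real message.
SAMPLE_EMAIL = """\
<p>Subject: [PyPI] Email verification</p>
<p>Please <a href="https://pypj.org/account/verify">verify your email address</a>
within 72 hours to avoid account suspension.</p>
<p>Mirror login: <a href="http://pypi-mirror.org/login">https://pypi.org/login</a></p>
<p>Alt: <a href="https://pyp\u0456.org/verify">verify here</a></p>
<p>Help: <a href="https://pypi.org/help/">PyPI help</a></p>
"""

if __name__ == "__main__":
    for finding in triage_links(SAMPLE_EMAIL):
        print(finding["host"], "->", "; ".join(finding["reasons"]))
```

The legitimate help link is skipped; the three others are reported with their reasons. This is the same decision a domain-matching password manager makes when it declines to auto-fill: it compares the registrable host, never the page's appearance.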
Once attackers hold valid PyPI credentials, they can publish malicious versions of the victim's packages to every downstream user who installs or upgrades them, in the same way as the ongoing attacks on maintainer accounts in the npm JavaScript registry.
PyPI administrator Mike Fiedler confirmed that PyPI's infrastructure itself has not been breached, stating, "PyPI has not been hacked, but users are being targeted by a phishing attack that attempts to trick them into logging in to a fake PyPI site." The PyPI security team has implemented several protective measures, including displaying a prominent warning banner on the PyPI homepage to alert users about the ongoing phishing attempt.
The team has also submitted trademark violation and abuse notifications to content delivery network providers and domain name registrars to take down the malicious infrastructure.
Developers who have already clicked on malicious links and provided credentials should immediately change their PyPI passwords and thoroughly inspect their account's Security History for any unauthorized activities or unexpected changes. Any suspicious activity should be reported to security@pypi.org.
Users should never click on links in emails claiming to be from PyPI and should instead navigate directly to the site through bookmarks or by typing the address. A password manager that auto-fills credentials only on the domain they were saved for adds a further layer of protection, because it will refuse to fill on pypj[.]org or any other fraudulent domain, however convincing the page looks. Developers should enable phishing-resistant two-factor authentication (2FA), such as a hardware security key or another WebAuthn authenticator, wherever possible.
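Why WebAuthn survives the relay described above while a relayed password or one-time code does not comes down to origin binding: the browser, not the page, writes the origin it is really on into the clientDataJSON that the authenticator signs, and it hashes the relying-party ID it derived from that origin into the authenticatorData. The simulation below is an added example, not PyPI's code or a WebAuthn library; it models the checks a relying party such as pypi.org performs on an assertion (type, challenge, origin, rpIdHash) using only the standard library, and omits the final signature verification over authenticatorData plus the hash of clientDataJSON, which is what stops the relay from simply rewriting the origin field. All names here are assumptions made for the illustration.

```python
import base64
import hashlib
import json
import os

# What the genuine relying party expects (assumed values for the illustration).
RP_ID = "pypi.org"
RP_ORIGIN = "https://pypi.org"


def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def browser_builds_client_data(origin_visited, challenge):
    """Browser side: the origin is filled in by the browser from the tab's real
    location, so a page on pypj.org cannot claim to be pypi.org here."""
    return json.dumps({
        "type": "webauthn.get",
        "challenge": b64url(challenge),
        "origin": origin_visited,
    }).encode()


def authenticator_data_for(rp_id_seen_by_browser):
    """Minimal authenticatorData: SHA-256(rpId) || flags || signCount. The browser
    only permits an rpId that is a registrable suffix of the current origin's
    domain, so on pypj.org the rpId cannot be 'pypi.org'."""
    rp_id_hash = hashlib.sha256(rp_id_seen_by_browser.encode()).digest()
    flags = b"\x01"            # UP (user present)
    sign_count = b"\x00\x00\x00\x01"
    return rp_id_hash + flags + sign_count


def relying_party_verifies(client_data_json, authenticator_data, issued_challenge):
    """Relying-party side, the origin/challenge/rpIdHash steps of the WebAuthn
    assertion verification. Returns (ok, reason). The signature check over
    authenticator_data + SHA-256(client_data_json) is omitted in this model."""
    client_data = json.loads(client_data_json)
    if client_data.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if b64url_decode(client_data.get("challenge", "")) != issued_challenge:
        return False, "challenge mismatch"
    if client_data.get("origin") != RP_ORIGIN:
        return False, f"origin {client_data.get('origin')!r} is not {RP_ORIGIN}"
    if authenticator_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash mismatch"
    return True, "ok"


def simulate_login(visited_origin, rp_id_seen_by_browser):
    """End to end: pypi.org issues a challenge; a relay site would forward it
    verbatim to the victim's browser, which signs it for the origin it is on."""
    challenge = os.urandom(32)          # issued by the real relying party
    client_data = browser_builds_client_data(visited_origin, challenge)
    auth_data = authenticator_data_for(rp_id_seen_by_browser)
    return relying_party_verifies(client_data, auth_data, challenge)


if __name__ == "__main__":
    print("direct login:", simulate_login("https://pypi.org", "pypi.org"))
    print("relayed via pypj.org:", simulate_login("https://pypj.org", "pypj.org"))
```

The direct login verifies; the relayed one fails at the origin check (and would fail the rpIdHash check as well). In practice the phished session usually fails earlier still, because the credential registered for pypi.org is scoped to that rpId and the authenticator will not find it for pypj.org. A TOTP code has no such binding, which is why the page's recommendation is specifically for hardware keys or WebAuthn.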