A sophisticated software supply chain attack, dubbed ForceMemo, is actively compromising Python developers by secretly rewriting the history of their GitHub repositories. Security firm StepSecurity reports the campaign uses stolen account credentials to force-push malware directly into codebases, targeting everything from Django applications and machine learning research to PyPI packages and Streamlit dashboards.
The attackers, linked to the known GlassWorm threat actor, gain initial access by compromising developer systems with malicious VS Code extensions. These steal GitHub tokens, which are then used to access every repository under a victim's account. The malware is inserted by rebasing legitimate commits—appending obfuscated code to key files like `setup.py` or `main.py`—and then force-pushing the altered history. Crucially, this method preserves the original commit messages and author details, leaving no visible trace in GitHub's interface.
The injected payload checks the system's locale; if set to Russian, it halts. Otherwise, it contacts a command server by reading a transaction memo field from a specific Solana cryptocurrency wallet, a signature of GlassWorm operations. This fetches further malware designed to steal data and cryptocurrency. The same wallet was used in attacks as early as November 2025, indicating a long-running campaign.
In a parallel disclosure, Aikido Security noted over 151 repositories were compromised using invisible Unicode characters to hide code, yet they ultimately pointed to the same Solana infrastructure. This shift from corrupting extensions to direct account takeover represents a significant and stealthy escalation in the group's tactics, posing a serious risk to open-source ecosystems.
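Two of the techniques above are detectable with a plain source scan: the invisible Unicode characters Aikido describes, and the obfuscated code appended to files such as `setup.py` or `main.py`. The following scanner is an added example, not tooling from StepSecurity, Aikido or the affected projects. It flags every Unicode format character (category `Cf`, which covers zero-width and bidirectional controls) plus a few invisible code points outside that category, and applies a simple heuristic for `exec`/`eval` fed by a decode or decompress call. The `SAMPLE` source and the encoded-payload placeholder are constructed for the demonstration; the heuristic regex is an assumption about what "obfuscated code" commonly looks like, not a description of this campaign's payload.

```python
"""Scan Python source for invisible Unicode and exec-over-decoded-data patterns.

Added example: not the tooling of StepSecurity, Aikido or any affected project.
"""
import re
import unicodedata
from dataclasses import dataclass

# Invisible code points that are not in category Cf: Hangul fillers render as
# blank glyphs, and variation selectors (category Mn) have no visible effect
# on ASCII text, so both survive review while carrying hidden content.
EXTRA_INVISIBLE = {0x3164, 0x115F, 0x1160, 0xFFA0}
EXTRA_INVISIBLE |= set(range(0xFE00, 0xFE10)) | set(range(0xE0100, 0xE01F0))

# Heuristic (assumption, not campaign-specific): exec/eval whose argument is
# produced by a decoding or decompression call on the same line.
OBFUSCATION_RE = re.compile(
    r"\b(exec|eval)\s*\(.*\b(b64decode|a85decode|b32decode|decompress|fromhex|codecs\.decode)\b"
)


@dataclass
class Finding:
    line: int
    col: int
    kind: str    # "invisible" or "obfuscation"
    detail: str


def is_invisible(ch: str) -> bool:
    """True for format characters (zero-width, bidi controls, BOM, tags) and extras."""
    return unicodedata.category(ch) == "Cf" or ord(ch) in EXTRA_INVISIBLE


def scan_source(text: str) -> list[Finding]:
    """Return one Finding per invisible character and per suspicious exec/eval line."""
    findings: list[Finding] = []
    # Split on "\n" only, so exotic separators keep their real line numbers.
    for lineno, line in enumerate(text.split("\n"), start=1):
        for col, ch in enumerate(line, start=1):
            # Python accepts a UTF-8 BOM as the very first character of a file.
            if lineno == 1 and col == 1 and ch == "\ufeff":
                continue
            if is_invisible(ch):
                name = unicodedata.name(ch, "<unnamed>")
                findings.append(Finding(lineno, col, "invisible", f"U+{ord(ch):04X} {name}"))
        if OBFUSCATION_RE.search(line):
            findings.append(Finding(lineno, 1, "obfuscation", "exec/eval over decoded payload"))
    return findings


def scan_file(path: str) -> list[Finding]:
    """Scan a file on disk; undecodable bytes are kept rather than dropped."""
    with open(path, encoding="utf-8", errors="surrogateescape") as fh:
        return scan_source(fh.read())


# Constructed sample: a zero-width space inside an identifier, a right-to-left
# override in a comment, and an exec() over a base64-decoded placeholder.
SAMPLE = (
    "import os\n"
    "def setup\u200b():\n"
    "    pass\n"
    "# \u202ereversed comment\u202c\n"
    "exec(__import__('base64').b64decode('<encoded payload placeholder>'))\n"
)

if __name__ == "__main__":
    for f in scan_source(SAMPLE):
        print(f"{f.line}:{f.col} [{f.kind}] {f.detail}")
```

Run it over every file touched by a push (or over a whole checkout after a suspected credential theft); a clean codebase should produce zero `invisible` findings outside comments that legitimately contain non-Latin text, which makes any hit worth a manual look. The history rewrite itself is visible to the server side regardless of content: a pre-receive hook that runs `git merge-base --is-ancestor <old-sha> <new-sha>` fails for exactly the non-fast-forward pushes this campaign depends on, and branch protection that blocks force pushes prevents them outright.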
Source: The Hacker News
