
Phishing Campaign Targets PyPI Maintainers with Fake Login Site

Fake PyPI login site phishing campaign threatens developer credentials and the open-source supply chain.

Written By
Ken Underhill
Sep 26, 2025

The Python Software Foundation (PSF) has issued a warning to developers about a recent phishing campaign targeting users of the Python Package Index (PyPI). 

This attack leverages fraudulent emails and a spoofed login site to steal credentials, representing a growing threat to the open-source ecosystem.

Phishing tactics

The campaign begins with phishing emails designed to resemble legitimate communications from PyPI.

These emails request recipients to “verify their account details” for supposed “maintenance and security procedures.” Victims are threatened with account suspension if they do not comply, a tactic intended to instill urgency and reduce scrutiny.

The malicious emails link to pypi-mirror[.]org, a domain chosen to look like an official PyPI mirror. Credentials entered into the fraudulent login form are sent straight to the attackers.

The spoofed site closely reproduces PyPI’s legitimate login page, complete with official logos, matching styling, and a valid HTTPS certificate. The browser padlock proves only that whoever runs the site controls pypi-mirror[.]org, not that the site is PyPI; the one signal that cannot be cloned is the hostname in the address bar.

Broader risks

The danger of these attacks extends beyond compromised individual accounts. Stolen credentials grant threat actors the ability to tamper with or replace trusted packages published on PyPI. 

Given the reliance of global organizations and developers on open-source packages, even a single compromised maintainer account can have wide-reaching consequences. If attackers gain access to a maintainer’s credentials, they can tamper with existing packages or upload malicious updates that appear legitimate. 

Because PyPI packages are integrated into countless software projects and automated build pipelines, this compromise could silently introduce malware into applications and services used across industries. 

This risk is not theoretical. In September 2025 an npm maintainer’s credentials were phished in the same way, and trojaned versions of widely used packages such as chalk and debug were published under the maintainer’s name, showing how a single compromised account can cascade through the supply chain and reach thousands of downstream projects. The result is a classic software supply chain attack, where one weak link in the distribution process turns into systemic risk.

This campaign is not unprecedented. In July 2025, attackers deployed a similar strategy using the domain pypj[.]org. The repetition of domain-confusion tactics suggests an ongoing effort to exploit developer trust and demonstrates how attackers can quickly rotate domains to evade detection.

The attackers’ domain-choice strategy relies on infrastructure deception. Many developers are accustomed to package repositories operating mirror sites for redundancy and distribution. By naming their domain pypi-mirror[.]org, the attackers exploited this familiarity to lend the phishing site false legitimacy.

In addition, the malicious site used professional design elements, a valid TLS certificate, and a near-exact copy of PyPI’s interface. None of this requires much budget: certificates are issued free of charge and a login page can be cloned in minutes. The sophistication lies in the deliberate engineering of the lure (the mirror-style name, the suspension deadline, the pixel-accurate form), not in the resources behind it.

How PyPI responded 

PyPI’s administrators responded promptly by coordinating with registrars and content delivery networks to take down the malicious domains and by submitting them to browser blocklists. They also collaborated with other open-source platforms to speed up takedowns and reduce exposure.

The PSF emphasized that any user who may have entered credentials into the fraudulent site should immediately change their PyPI password and review their Security History for suspicious activity. Users are also encouraged to report phishing attempts to security@pypi[.]org.

Best Practices for organizations and developers

To reduce the risk of phishing and credential theft, organizations and developers should follow these best practices:

  • Use phishing-resistant authentication such as FIDO2/WebAuthn hardware security keys (e.g., YubiKeys) or passkeys, which PyPI supports as a two-factor method. A WebAuthn credential is bound to the origin that registered it, so a key enrolled for pypi.org will not answer a challenge from pypi-mirror[.]org; a TOTP code, by contrast, can be relayed by the phishing site in real time.
  • Rely on a password manager and let it autofill: it matches the exact saved domain, so a credential stored for pypi.org will not be offered on a look-alike host. A manager that refuses to autofill is itself a warning sign.
  • Apply least privilege and privileged access management (PAM) to maintainer accounts: for PyPI, use project-scoped API tokens rather than your password for uploads, keep those tokens out of mailboxes and chat, and monitor the account’s security history for logins or token activity you do not recognize.
  • Check the hostname in the address bar before entering credentials (PyPI logs in only at pypi.org), and do not follow links in unsolicited email; type the address or use a bookmark instead.
  • Report and share phishing attempts with peers or community channels to increase awareness.
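The domain-confusion tactic described above (pypi-mirror[.]org, pypj[.]org) is exactly what a strict password manager or a mail filter defeats: only an exact, allowlisted host counts as PyPI, and anything that merely resembles “pypi” is flagged. The following script is an added example, not code from the PSF, PyPI or this article. It assumes that pypi.org and test.pypi.org are the only hosts on which PyPI credentials should ever be typed, and runs over a constructed email body modelled on the lure quoted in the article.

```python
"""Flag look-alike PyPI hosts in email links before any credential is typed.

Added example (not code from the PSF, PyPI or the article). It models what a
strict password manager or mail filter does: only an exact allowlisted host is
treated as PyPI; anything that merely resembles 'pypi' is flagged.
"""
import re
from urllib.parse import urlparse

# Assumption: these are the only hosts on which PyPI credentials belong.
# Everything else, including look-alikes, is flagged rather than trusted.
LEGITIMATE_HOSTS = {"pypi.org", "test.pypi.org"}

BRAND_LABEL = "pypi"
URL_RE = re.compile(r"https?://[^\s<>\"')\]]+")


def levenshtein(a: str, b: str) -> int:
    """Edit distance; catches one-character swaps such as pypj for pypi."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_host(host: str) -> str:
    """Return 'legitimate', 'lookalike' or 'unrelated' for a hostname."""
    host = host.lower().rstrip(".")
    if host in LEGITIMATE_HOSTS:
        return "legitimate"
    for label in host.split("."):
        if label.startswith("xn--"):
            return "lookalike"  # IDN label: may be a homoglyph of 'pypi'
        if BRAND_LABEL in label or levenshtein(label, BRAND_LABEL) <= 1:
            return "lookalike"  # pypi-mirror, pypj, pypi.org.evil.example
    return "unrelated"


def classify_url(url: str) -> str:
    """Classify a link by the host the browser would actually connect to."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return "invalid"
    # urlparse discards 'pypi.org@' userinfo tricks: .hostname is the real target.
    return classify_host(parsed.hostname)


def audit_links(text: str) -> list[tuple[str, str]]:
    """Extract every http(s) link from an email body and classify its host."""
    return [(url, classify_url(url)) for url in URL_RE.findall(text)]


# Constructed sample modelled on the lure described in the article; not a real email.
SAMPLE_EMAIL = """\
Subject: Verify your PyPI account details

As part of scheduled maintenance and security procedures, all users must
verify their account details within 48 hours or the account will be suspended.

Verify now: https://pypi-mirror.org/account/login/

Help: https://pypi.org/help/
"""

if __name__ == "__main__":
    for url, verdict in audit_links(SAMPLE_EMAIL):
        print(f"{verdict:11} {url}")
```

The allowlist is deliberately tiny: a maintainer’s password has no business on any host other than the two listed, so the right default for everything else, including the real-looking pypi-mirror[.]org, is to refuse. The label-by-label check also catches subdomain tricks such as pypi.org.evil.example, and the parser’s hostname handling defeats the pypi.org@attacker.example form in which the visible “pypi.org” is only userinfo.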

By combining user caution with strong technical controls, the developer community can better withstand the persistence of phishing campaigns against open-source ecosystems.

The ongoing phishing campaigns against PyPI maintainers highlight a persistent and evolving threat to the software supply chain. 

These attacks exploit the trust developers place in official-looking communications while relying on technical sophistication to trick even vigilant users. Defensive strategies must therefore integrate both user awareness and resilient authentication measures.

Ken Underhill is an award-winning cybersecurity professional, bestselling author, and seasoned IT professional. He holds a graduate degree in cybersecurity and information assurance from Western Governors University and brings years of hands-on experience to the field.
