2025 was a year of attention-grabbing malware campaigns targeting the open-source supply chain. From a campaign that affected a single package (tj-actions/changed-files) to massive supply chain compromises like the Shai-Hulud attacks against npm, vulnerability management teams need ways to keep track of compromised packages that provides accurate information in a timely fashion. PyPI, as a package manager with hundreds of thousands of legitimate packages, is also a tempting target for those threat actors who seek to invade the machines and organizations of the world’s Python developers.
While CVE rules prohibit use for tracking general-purpose malicious code, it does allow assigning a CVE ID to a legitimate package infected with malware. We will explore how modern vulnerability and malware management addresses the unique situations when malicious actors replace or augment legitimate open source software with malware to cause widespread harm. There are existing vulnerability notification pipelines that commonly rely on CVE identifiers, but the CVE Program wasn’t intended to support open source malware tracking. Given the complexities that arise from transitive dependency vulnerabilities when there are malicious takeovers of packages, this raises a question: what is the best way to track malicious supply chain compromises?