
The maintainers are asking everyone who installed version 0.23.3 to carry out the following steps immediately:
1. Verify which version you have installed:
   pip show elementary-data | grep Version
2. If it reports 0.23.3, remove it and install the safe release:
   pip uninstall elementary-data
   pip install elementary-data==0.23.4
   Explicitly pin elementary-data==0.23.4 in your requirements and lockfiles.
3. Remove any cache files so that no leftover artifacts remain.
4. Inspect any machine where the CLI may have run for the malware marker file; if it is present, the payload ran on that host:
   macOS / Linux: /tmp/.trinny-security-update
   Windows: %TEMP%\.trinny-security-update
5. Rotate all credentials that could have been accessed from environments where 0.23.3 ran — dbt profiles, warehouse credentials, cloud provider keys, API tokens, SSH keys, and any .env contents. CI/CD runners are especially at risk because they often expose many secrets at runtime.
6. Engage your security team to look for signs of unauthorized use of exposed credentials. The relevant IOCs are listed at the bottom of this post.
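The version check and marker-file inspection from steps 1, 2 and 4 above, collected into one triage script that a responder can run on each host. This is an added example, not the maintainers' own tooling; it assumes pip is on PATH and handles only the macOS/Linux marker path (the Windows location is listed above).

```shell
#!/bin/sh
# Added triage helper for the elementary-data 0.23.3 incident (not from the advisory).
AFFECTED_VERSION="0.23.3"
SAFE_VERSION="0.23.4"
MARKER_PATH="/tmp/.trinny-security-update"   # macOS / Linux marker from the advisory

# Pull the Version: field out of `pip show` output supplied on stdin.
parse_pip_version() {
    awk -F': *' '$1 == "Version" { print $2; exit }'
}

# True (exit 0) when the given version string is the compromised release.
is_affected_version() {
    [ "$1" = "$AFFECTED_VERSION" ]
}

# Path of the marker file for this platform (POSIX hosts only in this example).
marker_path() {
    echo "$MARKER_PATH"
}

# True when the marker file exists at the given path; the path is an argument
# so the check can be exercised against a temporary file.
marker_present() {
    [ -e "$1" ]
}

# Run both checks; exits non-zero when the host needs remediation.
triage() {
    installed=$(pip show elementary-data 2>/dev/null | parse_pip_version)
    status=0
    if [ -z "$installed" ]; then
        echo "elementary-data is not installed on this host"
    elif is_affected_version "$installed"; then
        echo "COMPROMISED release $installed installed."
        echo "Run: pip uninstall elementary-data && pip install elementary-data==$SAFE_VERSION"
        status=1
    else
        echo "installed version $installed is not the affected release"
    fi
    if marker_present "$(marker_path)"; then
        echo "MARKER FOUND at $(marker_path): the payload executed here; rotate every credential this host could reach"
        status=1
    fi
    return $status
}

# Invoke as `sh triage.sh --run` on the host being checked.
if [ "${1:-}" = "--run" ]; then triage; fi
```

A non-zero exit from `triage` means steps 2 through 6 of the advisory apply to that host.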
Over the last ten years, supply-chain attacks against open source repositories have become more frequent. In many incidents a malicious package has triggered a chain of compromises: first affecting users and then enabling further breaches via the compromised users’ environments.
HD Moore, a hacker with more than forty years of experience and the founder and CEO of runZero, warned that user-created repository workflows, like GitHub Actions, are well known for containing vulnerabilities.
“It’s a major problem for open source projects with open repos,” he said. “It’s very easy to unintentionally create dangerous workflows that an attacker’s pull request can exploit.”
He noted that this package can help detect such weaknesses.