Version 0.23.3 compromised via GitHub Actions script injection; malware harvests dbt profiles, cloud credentials, SSH keys, and secrets at interpreter startup using .pth file execution.
May 27, 2026
Summary
If you installed elementary-data==0.23.3, the malware activated on every Python startup before your code ran, exfiltrating all accessible credentials (AWS, GCP, Azure, Snowflake, Kubernetes, SSH) regardless of whether you explicitly imported the package. This affects data engineers running the CLI against connected warehouses and any developer machine where the package was installed.
Why it matters
If you installed elementary-data==0.23.3, the malware activated on every Python startup before your code ran, exfiltrating all accessible credentials (AWS, GCP, Azure, Snowflake, Kubernetes, SSH) regardless of whether you explicitly imported the package. This affects data engineers running the CLI against connected warehouses and any developer machine where the package was installed.
Implementation verdict
Immediately uninstall elementary-data==0.23.3 and upgrade to 0.23.4. Rotate all credentials that could have been on affected machines: dbt profiles, cloud provider keys, SSH keys, .env files, API tokens, Kubernetes configs. Scan CI/CD runners and developer machines for $TMPDIR/.trinny-security-update (Linux/macOS) or %TEMP%\.trinny-security-update (Windows) as evidence of execution. This is not optional—the payload is confirmed live on PyPI and requires immediate action.
Sources
Dev Signal
Get briefs like this in your inbox — free, every weekday.
100+ sources compressed into one 4-minute read. Ranked, cited, implementation-ready.