“Chimera-sandbox-extensions” exploit highlights rising risks of open-source package abuse, prompting calls for stricter dependency controls and DGA malware detection.

A malicious Python package posing as a harmless add-on for the Chimera sandbox environment, an integrated machine learning experimentation and development tool, is helping threat actors steal sensitive corporate credentials.
According to new research findings from software supply chain and DevOps company JFrog, the package “chimera-sandbox-extensions”, recently uploaded to the popular PyPI repository, contains a stealthy, multi-stage info-stealer.
“The detection of harmful packages, such as chimera-sandbox-extensions, on PyPI highlights the significant and widespread risk posed by software supply chain attacks,” said Eric Schwake, director of Cybersecurity Strategy at Salt Security. “The primary threat lies in its ability to collect sensitive developer-related data, including credentials, configuration files, and especially AWS tokens and CI/CD environment variables.”
This poses a direct risk to corporate and cloud infrastructures, enabling attackers to maliciously access and possibly alter or steal large volumes of data through compromised API credentials, Schwake added.
Targeting corporate and cloud infrastructure
The package targets users of the cloud-based chimera-sandbox environment, casting a wide net in an attempt to steal high-value corporate-level credentials. Intelligence gained from stolen tokens and logs could help attackers further infiltrate or sabotage infrastructure.
“The package aims to steal credentials and other sensitive information such as JAMF configuration, CI/CD environment variables, and AWS tokens,” JFrog researchers said in a blog post. Additionally, it exfiltrates Pod sandbox environment authentication tokens and git data, Zscaler host configuration, public IP address, and general platform, user, and host information.
Once installed, the package kicks off a sophisticated domain generation algorithm (DGA), choosing from a set of 10 addresses to locate its command-and-control (C2) center. After C2 communication is achieved, it downloads a dynamic, second-stage Python payload tailored to steal environment data.
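The behaviour described above, a package cycling through a small set of generated candidate domains until one answers, is visible from the resolver's side as a burst of lookups for never-before-seen, random-looking names from one client, most of which fail with NXDOMAIN. The following is an added detection example written for this article; it is not JFrog's or Xray's code. The log format (ISO timestamp, client IP, query name, response code), the sample lines and the thresholds are all constructed assumptions for illustration.

```python
"""Heuristic DGA/C2-lookup detector over DNS resolver log lines (added example).

Assumptions: each log line is "<ISO-8601 timestamp> <client-ip> <qname> <rcode>";
thresholds below are illustrative starting points, not tuned values.
"""
import math
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: one client doing normal lookups, one client burning
# through generated names until a single one resolves.
SAMPLE_LOG = """\
2025-06-10T09:00:01 10.0.0.5 pypi.org NOERROR
2025-06-10T09:00:02 10.0.0.5 files.pythonhosted.org NOERROR
2025-06-10T09:00:40 10.0.0.5 github.com NOERROR
2025-06-10T09:01:03 10.0.0.7 xk9v2qwz7ltp.example NXDOMAIN
2025-06-10T09:01:03 10.0.0.7 q4hm8zr1yvbe.example NXDOMAIN
2025-06-10T09:01:04 10.0.0.7 t7nlc3wp0gsx.example NXDOMAIN
2025-06-10T09:01:04 10.0.0.7 b2vkx9rm5hqa.example NXDOMAIN
2025-06-10T09:01:05 10.0.0.7 j6ypd4sw8nce.example NXDOMAIN
2025-06-10T09:01:05 10.0.0.7 m1rgt7kz3xvo.example NXDOMAIN
2025-06-10T09:01:06 10.0.0.7 w8sfq2hn6dlu.example NXDOMAIN
2025-06-10T09:01:06 10.0.0.7 c5zjb0vt9pkr.example NXDOMAIN
2025-06-10T09:01:07 10.0.0.7 h3nxm6qd2wyf.example NXDOMAIN
2025-06-10T09:01:07 10.0.0.7 r9lkv1cs4tbg.example NOERROR
"""


def label_entropy(label: str) -> float:
    """Shannon entropy in bits per character of a DNS label."""
    if not label:
        return 0.0
    counts = defaultdict(int)
    for ch in label:
        counts[ch] += 1
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def registrable_label(qname: str) -> str:
    """Label directly left of the TLD (simplification: ignores multi-label suffixes)."""
    parts = qname.rstrip(".").lower().split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def parse_log(text: str):
    """Parse log lines into (timestamp, client, qname, rcode) tuples sorted by time."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ts, client, qname, rcode = line.split()
        events.append((datetime.fromisoformat(ts), client, qname, rcode))
    events.sort(key=lambda e: e[0])
    return events


def flag_clients(events, window_s=60, min_unique=8, min_nx_ratio=0.6, min_entropy=3.0):
    """Return {client: finding} for clients whose recent lookups look DGA-like.

    A client is flagged when, within a sliding window, it queried at least
    `min_unique` distinct names, most answers were NXDOMAIN, and the names'
    registrable labels have high character entropy.
    """
    by_client = defaultdict(list)
    for ev in events:
        by_client[ev[1]].append(ev)
    window = timedelta(seconds=window_s)
    findings = {}
    for client, evs in by_client.items():
        start = 0
        for end, (ts, _, _, _) in enumerate(evs):
            while evs[start][0] < ts - window:      # slide window start forward
                start += 1
            recent = evs[start:end + 1]
            names = {e[2] for e in recent}
            if len(names) < min_unique:
                continue
            nx_ratio = sum(1 for e in recent if e[3] == "NXDOMAIN") / len(recent)
            mean_ent = sum(label_entropy(registrable_label(n)) for n in names) / len(names)
            if nx_ratio >= min_nx_ratio and mean_ent >= min_entropy:
                findings[client] = {
                    "first_seen": ts.isoformat(),
                    "unique_names": len(names),
                    "nxdomain_ratio": round(nx_ratio, 2),
                    "mean_entropy": round(mean_ent, 2),
                }
                break   # one finding per client is enough for triage
    return findings


if __name__ == "__main__":
    for client, info in flag_clients(parse_log(SAMPLE_LOG)).items():
        print(f"suspect {client}: {info}")
```

Entropy alone is a weak signal (long legitimate labels also score high), which is why the check requires the count and NXDOMAIN-ratio gates as well; in practice the output is a triage lead to be joined with process and package-install telemetry on the flagged host, not a verdict.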
“This incident underscores the growing sophistication of supply chain attacks, where seemingly trustworthy packages can deliver dangerous malware,” said Mike McGuire, senior security solutions manager at Black Duck. “Unfortunately, attacks like these are likely to increase in frequency, so teams need to take a layered approach to defending themselves.”
Protection needs a multi-layered approach
Experts are treating the chimera-sandbox-extensions incident as more than just another malicious package takedown. While JFrog acted quickly, alerting PyPI maintainers, removing the package, and updating its Xray scanner, researchers agree that a one-time fix isn’t enough.
“Within the last five years, attackers have leveraged PyPI and other package managers to exploit developer trust through typosquatting and supply chain attacks,” said Fletcher Davis, senior security research manager at BeyondTrust. “The chimera-sandbox-extensions incident underscores that traditional security approaches are insufficient against modern supply chain threats. Supply chain security requires a proactive, multi-layered approach combining technical controls, process improvements, and continuous monitoring rather than relying solely on reactive measures.”
More specifically, Jason Soroko, senior fellow at Sectigo, said banning direct “pip” and “uv” installs from public indexes can help. “Mirror approved dependencies in an internal repository and enforce hash pinning in lockfiles,” he added. “Scan all incoming packages with static and dynamic analysis to detect DGA calls and credential-harvesting code observed in chimera-sandbox-extensions. Automate removal of outdated or unused dependencies.”

Abuse of open-source package managers has surged in recent years, driven by their massive reach and the potential for widespread impact through millions of daily downloads. In recent findings, attackers leveraged the npm package manager to push malicious packages that erase entire production systems, spy on DevOps machines, and plant stealers and RCE malware.
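Two of the controls quoted above, mirroring approved dependencies internally and enforcing hash pinning in lockfiles, can be checked mechanically before an install ever runs. The following is an added example written for this article, not code from JFrog, Sectigo or any of the vendors quoted: a small CI audit of a pip requirements file that flags index URLs outside the approved mirror, packages not on the internal allowlist, unpinned versions, and requirements without a sha256 hash. The mirror hostname, the allowlist, the sample lockfile and its placeholder hashes are all constructed assumptions.

```python
"""Audit a pip requirements/lock file for supply-chain hygiene (added example).

Assumptions: the organisation's approved index is APPROVED_INDEX_HOST and the
packages it mirrors are APPROVED_PACKAGES; both are placeholders here.
"""
import re
from urllib.parse import urlparse

APPROVED_INDEX_HOST = "mirror.internal.example"           # assumption: internal mirror
APPROVED_PACKAGES = {"requests", "certifi", "urllib3"}    # assumption: mirrored allowlist

# Constructed sample lockfile; the hash digests are placeholders, not real values.
SAMPLE_LOCKFILE = """\
# constructed sample, not from the article
--index-url https://mirror.internal.example/simple
requests==2.32.3 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
certifi==2024.7.4 --hash=sha256:1111111111111111111111111111111111111111111111111111111111111111
chimera-sandbox-extensions==0.1.0
--extra-index-url https://pypi.org/simple
urllib3>=2.0
"""

HASH_RE = re.compile(r"--hash=sha256:([0-9a-f]{64})\b")
NAME_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name: str) -> str:
    """PEP 503 name normalisation so allowlist comparisons are not fooled by case or separators."""
    return re.sub(r"[-_.]+", "-", name).lower()


def logical_lines(text: str):
    """Yield (first_line_number, joined_line) with backslash continuations merged
    and blank/comment lines dropped."""
    out, buf, start = [], [], 0
    for i, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not buf:
            if not line or line.startswith("#"):
                continue
            start = i
        if line.endswith("\\"):
            buf.append(line[:-1].strip())
            continue
        buf.append(line)
        out.append((start, " ".join(buf)))
        buf = []
    return out


def audit_lockfile(text: str, approved_host=APPROVED_INDEX_HOST, allowlist=APPROVED_PACKAGES):
    """Return a list of (line_number, message) findings; an empty list means the file passes."""
    findings = []
    for lineno, line in logical_lines(text):
        first = line.split()[0]
        if first in ("-i", "--index-url", "--extra-index-url") or first.startswith(
            ("--index-url=", "--extra-index-url=")
        ):
            url = first.split("=", 1)[1] if "=" in first else line.split()[1]
            host = urlparse(url).hostname
            if host != approved_host:
                findings.append((lineno, f"index {host!r} is not the approved mirror"))
            continue
        if line.startswith("-"):
            continue  # other pip options are outside this audit's scope
        m = NAME_RE.match(line)
        if not m:
            findings.append((lineno, "unparseable requirement"))
            continue
        name = normalize(m.group(1))
        if allowlist is not None and name not in allowlist:
            findings.append((lineno, f"{name} is not on the approved-package list"))
        if "==" not in line:
            findings.append((lineno, f"{name} is not pinned to an exact version"))
        if not HASH_RE.search(line):
            findings.append((lineno, f"{name} has no sha256 hash; pip --require-hashes would refuse it"))
    return findings


if __name__ == "__main__":
    for lineno, msg in audit_lockfile(SAMPLE_LOCKFILE):
        print(f"line {lineno}: {msg}")
```

Running this in CI before `pip install --require-hashes -r requirements.txt` turns the quoted advice into a gate: a new, unreviewed package such as the one in this article fails the allowlist check, and a stray `--extra-index-url` back to a public index fails the mirror check, both before any code from the package executes.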