A newly uncovered malware campaign called ForceMemo is quietly taking over GitHub accounts and planting hidden backdoors in Python repositories, creating a serious new supply chain risk for developers and open-source teams. Researchers said the campaign has been active since at least March 8, 2026, and it continues to spread across more repositories each day. StepSecurity first identified and publicly reported the operation, describing it as one of the most widespread Python-focused supply chain attacks seen in recent months.
The attack targets a broad mix of Python projects, including Django applications, machine learning research code, Streamlit dashboards, Flask APIs, and pip-installable packages. Instead of using obvious methods such as pull requests or visible malicious commits, the attacker quietly modifies trusted files such as setup.py, main.py, and app.py. Because pip executes setup.py when it builds a package from source, and main.py or app.py runs as soon as someone starts the application, any developer who installs a package directly from a compromised repository, or who clones and runs the affected code, can unknowingly activate the malware on their own machine.
StepSecurity named the campaign ForceMemo because of two core tactics. First, the attacker uses Git’s force-push feature to silently overwrite repository history. Second, the malware relies on Solana blockchain transaction memos as a command-and-control channel. Together, these techniques make the campaign unusually stealthy and resilient. In fact, researchers found that the attacker rebases malicious code onto the latest legitimate commit and force-pushes it back to the default branch while preserving the original commit message, author name, and author date. Because of that, the repository can appear untouched at first glance, even though it has already been compromised.
Researchers traced the GitHub account takeovers to GlassWorm, a separate infostealer campaign that spreads through malicious VS Code and Cursor extensions. According to the findings, GlassWorm’s third-stage payload steals GitHub tokens from VS Code extension storage, git credential managers, and the GITHUB_TOKEN environment variable. Once attackers collect those credentials, they gain enough access to rewrite a victim’s repositories. That means a single stolen token can expose multiple projects tied to one developer account.
The malware itself hides behind several layers of obfuscation, combining base64 encoding, zlib compression, and XOR encryption that the loader reverses at runtime before anything executes. Before it runs, it checks whether the infected machine uses a Russian locale or timezone and stops immediately if so. Otherwise, it reads the transaction memos of an attacker-controlled Solana wallet to retrieve the next-stage payload instructions. Since on-chain data cannot practically be removed or censored, the attacker can keep updating payload URLs by posting new memos, which makes taking down the command-and-control channel much harder than seizing a domain or IP address. Researchers also noted that the malware queries multiple Solana RPC endpoints as fallback infrastructure, so blocking a single endpoint is not enough.
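The decoding chain described above, as an added example that is not part of StepSecurity's report and is not code from the malware: a small analyst helper that peels base64, zlib and single-byte XOR layers off a blob until recognisable Python source appears. The wrapping order, the single-byte key 0x5A, the benign sample payload and the keyword list used to recognise plaintext are all assumptions for this demonstration; the real loader's key and layer order are not given in the report.

```python
import base64
import binascii
import zlib

# Constructed sample: a benign payload wrapped in the three layers the report
# names (base64, zlib, XOR). The layer order and the single-byte key are
# assumptions for this example, not details taken from the ForceMemo loader.
XOR_KEY = 0x5A
BENIGN_PAYLOAD = b'print("benign stage, not the real payload")\n'

# Known-plaintext tokens used to decide that a candidate decoding is Python.
# Assumed list; extend it with strings seen in the sample under analysis.
KNOWN_TOKENS = (b"import ", b"print(", b"exec(", b"def ", b"open(", b"subprocess")


def xor_bytes(data: bytes, key: int) -> bytes:
    """Single-byte XOR, which is its own inverse."""
    return bytes(b ^ key for b in data)


def build_sample() -> bytes:
    """Wrap the benign payload: XOR, then zlib, then base64 (assumed order)."""
    return base64.b64encode(zlib.compress(xor_bytes(BENIGN_PAYLOAD, XOR_KEY)))


def plaintext_score(data: bytes) -> int:
    """Count known tokens; zero means the data is not yet readable Python."""
    return sum(data.count(token) for token in KNOWN_TOKENS)


def looks_like_zlib(data: bytes) -> bool:
    """zlib stream header: CMF byte 0x78 and (CMF*256 + FLG) divisible by 31."""
    return len(data) >= 2 and data[0] == 0x78 and (data[0] * 256 + data[1]) % 31 == 0


def best_xor_key(data: bytes):
    """Brute-force a single-byte key, keeping the one whose output scores highest."""
    best_key, best_score = None, 0
    for key in range(1, 256):
        score = plaintext_score(xor_bytes(data, key))
        if score > best_score:
            best_key, best_score = key, score
    return best_key


def peel_layers(blob: bytes, max_depth: int = 10):
    """Strip base64 / zlib / XOR layers in whatever order they occur.

    Returns (plaintext, [layer names]). Layers with a signature (zlib header,
    strict base64 alphabet) are recognised directly; XOR has no signature and
    is tried last, recognised only by the plaintext it produces.
    """
    layers = []
    data = blob
    for _ in range(max_depth):
        if plaintext_score(data) > 0:
            return data, layers
        if looks_like_zlib(data):
            try:
                data = zlib.decompress(data)
                layers.append("zlib")
                continue
            except zlib.error:
                pass
        try:
            decoded = base64.b64decode(data, validate=True)
        except (binascii.Error, ValueError):
            decoded = b""
        if decoded:
            data = decoded
            layers.append("base64")
            continue
        key = best_xor_key(data)
        if key is None:
            raise ValueError(f"no recognisable layer after {layers}")
        data = xor_bytes(data, key)
        layers.append(f"xor(0x{key:02x})")
    raise ValueError("too many layers")


if __name__ == "__main__":
    plain, peeled = peel_layers(build_sample())
    print(peeled, plain.decode())
```

The token list is the weak point of the approach: a stage that is itself a further loader may contain none of the assumed keywords, in which case add strings taken from the stub under analysis before running the peeler again.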
Moreover, the campaign is not standing still. Reporting published on March 16, 2026 showed related malicious activity affecting React Native npm packages, and a later update said the attacker continued publishing new compromised versions on March 17–18, 2026. That pattern suggests the broader GlassWorm ecosystem is evolving quickly and expanding beyond GitHub Python repositories into additional software supply chain channels.
For developers and repository maintainers, the warning signs are subtle but important. Researchers advised checking cloned Python files for the marker variable lzcdrtfxyqiplpd, looking for ~/init.json in the home directory, and reviewing systems for an unexpected node-v22.9.0 folder. Maintainers should also verify that the default branch still points at the last known legitimate commit, comparing commit hashes rather than commit messages, since the rebased commit keeps the original message but necessarily gets a new hash. Recent git logs deserve a close look for commits whose committer date is much later than their author date: a rebase preserves the author date but stamps the committer date at the time of the rewrite, so that gap is the trace a rebase-and-force-push leaves behind (git log --format='%h %ad %cd %s' prints both dates side by side). The hash comparison remains the stronger check, because an attacker who also sets GIT_COMMITTER_DATE can hide the gap. Overall, ForceMemo highlights how attackers are now blending credential theft, stealthy Git operations, and blockchain-based infrastructure to compromise software supply chains in ways that are both quiet and difficult to disrupt.
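The checks above gathered into one triage script, added here as an example and not StepSecurity's own tooling: it scans a clone for the marker variable, looks for the host artifacts, and parses git log output to flag commits whose committer date lags the author date. The sample log lines, the placeholder hashes and author names, and the one-hour tolerance are constructed for the example; the git format string is standard git syntax.

```python
import os
import subprocess
from datetime import datetime, timedelta

# Indicators named in the report.
MARKER_VARIABLE = "lzcdrtfxyqiplpd"
HOME_ARTIFACT = "init.json"        # expected at ~/init.json
NODE_DIR_NAME = "node-v22.9.0"

# %x1f inserts an ASCII unit separator so subjects with spaces parse cleanly;
# %aI / %cI are strict ISO 8601 author and committer dates.
FIELD_SEP = "\x1f"
GIT_LOG_FORMAT = "%H%x1f%an%x1f%cn%x1f%aI%x1f%cI%x1f%s"


def contains_marker(source: str) -> bool:
    """True if a Python source text carries the ForceMemo marker variable."""
    return MARKER_VARIABLE in source


def scan_tree_for_marker(root: str) -> list:
    """Walk a cloned repository and return the .py files containing the marker."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(".py"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="ignore") as fh:
                    if contains_marker(fh.read()):
                        hits.append(path)
            except OSError:
                pass
    return hits


def host_artifacts(home: str, search_roots) -> list:
    """Return host-level indicators: ~/init.json and any node-v22.9.0 directory."""
    found = []
    init_json = os.path.join(home, HOME_ARTIFACT)
    if os.path.exists(init_json):
        found.append(init_json)
    for root in search_roots:
        for dirpath, dirs, _files in os.walk(root):
            if NODE_DIR_NAME in dirs:
                found.append(os.path.join(dirpath, NODE_DIR_NAME))
    return found


def git_log(repo: str, count: int = 50) -> str:
    """Run git log on a clone with the parseable format above."""
    result = subprocess.run(
        ["git", "-C", repo, "log", f"-n{count}", f"--format={GIT_LOG_FORMAT}"],
        capture_output=True, text=True, check=True)
    return result.stdout


def parse_git_log(text: str) -> list:
    """Parse git log output produced with GIT_LOG_FORMAT into dicts."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        sha, author, committer, adate, cdate, subject = line.split(FIELD_SEP, 5)
        entries.append({
            "sha": sha, "author": author, "committer": committer,
            "author_date": datetime.fromisoformat(adate),
            "committer_date": datetime.fromisoformat(cdate),
            "subject": subject,
        })
    return entries


def rewritten_commits(entries, max_skew=timedelta(hours=1)) -> list:
    """Flag commits whose committer date lags the author date by more than max_skew.

    A rebase keeps the author date and stamps a fresh committer date, so a large
    gap is the trace of a rewrite. Ordinary rebases and cherry-picks leave the
    same gap, so treat hits as leads to compare against the maintainer's history.
    """
    return [(e["sha"], e["committer_date"] - e["author_date"]) for e in entries
            if e["committer_date"] - e["author_date"] > max_skew]


def head_matches(repo_head_sha: str, known_good_sha: str) -> bool:
    """Compare the default branch tip to the last known legitimate hash."""
    return repo_head_sha.strip().lower() == known_good_sha.strip().lower()


# Constructed sample log: placeholder hashes and names, assumed dates.
# The first commit was authored 5 March but committed 10 March (rewritten);
# the second has matching dates (ordinary commit).
SAMPLE_LOG = "\n".join([
    FIELD_SEP.join(["a" * 40, "Jane Dev", "Jane Dev",
                    "2026-03-05T10:00:00+00:00", "2026-03-10T02:13:44+00:00",
                    "Fix typo in README"]),
    FIELD_SEP.join(["b" * 40, "Jane Dev", "Jane Dev",
                    "2026-03-04T09:30:00+00:00", "2026-03-04T09:30:00+00:00",
                    "Add retry to API client"]),
])


if __name__ == "__main__":
    for sha, skew in rewritten_commits(parse_git_log(SAMPLE_LOG)):
        print(f"{sha[:12]} committer date lags author date by {skew}")
```

Run git_log() against a fresh clone rather than a long-lived checkout, since a local branch that predates the force-push still holds the legitimate history and would hide the rewrite.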