Which versions of forgepy are malicious?

The following PyPI versions of forgepy are flagged malicious: 1.0.0, 1.0.1, 1.0.2, 1.0.3. Treat any of these as compromised.

How do I remediate forgepy if I installed it?

Remove forgepy from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound activity or persistence.

I already installed forgepy — how do I know if it already compromised me?

If forgepy was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is forgepy part of a known attack campaign?

Yes — forgepy is associated with the RLMA-2024-03935, RLUA-2024-08292 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find forgepy across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for forgepy (4 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging forgepy across your stack and pipelines.

Malicious package

forgepyPyPI

Malicious code in forgepy (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2024-5155

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall forgepy

Malicious versions

4 flagged

1.0.01.0.11.0.21.0.3

Indicators of compromise (SHA-256)

cb04e42a3fdd4a1dfc9f169979931d0e0d719b4868c8b601a8373313289cc0b8

6c33a139a59a031fb5b76ffc7692ce4cb8c87f487cd86c7bd0a6871d14974958

Detection & response playbook

Malicious package

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for forgepy (4 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging forgepy across your stack and pipelines.
If you installed it — respond
Remove forgepy from your project and lockfile, then assume any secrets accessible to the build or runtime were exposed: rotate API keys, tokens, and credentials, and audit for unexpected outbound activity or persistence.
Did it already run?
If forgepy was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks forgepy before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. forgepy on PyPI has been identified as a malicious package (versions 1.0.0, 1.0.1, 1.0.2, 1.0.3 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

RLMA-2024-03935RLUA-2024-08292

References

github.com

Credits

ReversingLabs · finder

Detect & block this

O3 blocks forgepy-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the malicious outbound activity and severs the channel.

Malware detection Runtime egress monitoring

forgepyPyPI

Malicious versions

Indicators of compromise (SHA-256)

Detection & response playbook

Find it

If you installed it — respond

Did it already run?

How O3 protects you

Frequently asked questions

Campaign

References

Credits

Detect & block this