Ultralytics is a popular computer-vision library (the home of the YOLO models) with over 33k stars on GitHub and a dependency of many downstream packages. On December 5, 2024, security researchers identified a supply chain attack on the published builds of the Ultralytics Python package. The compromised versions, 8.3.41 and 8.3.42, contain malicious code that downloads and runs the XMRig cryptocurrency miner on any machine where the package is installed. The compromise was limited to the builds hosted on PyPI; installs from source and earlier versions were unaffected. Anyone who installed or upgraded the package from PyPI during that window should check the installed version (`pip show ultralytics`), remove the affected release, and look for a running XMRig process and its persistence entries on the host.
The attacker abused the project's GitHub Actions workflows: a workflow expanded the pull request's branch name directly into a shell step, so a crafted branch name was enough to execute arbitrary code in the project's CI and bundle the cryptominer into the package that was published. A subsequent "mitigation" release of Ultralytics was also compromised, which made things worse for users who updated to the new version and assumed they were safe.
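The branch-name injection described above, as an added example that is not code from this page or from the Ultralytics project: a POSIX shell script that simulates how GitHub expands an expression such as `${{ github.head_ref }}` into the text of a `run:` step before the shell ever parses it, the environment-variable pattern that keeps the name inert, and a small grep scanner that flags workflow steps using the dangerous pattern. The branch name, the sample workflow and the function names (`unsafe_step`, `safe_step`, `find_injectable_steps`) are constructed for the demonstration and are not taken from the real attack.

```shell
#!/bin/sh
# Added example, not code from the page or from Ultralytics. Shows why a
# `run:` step that interpolates ${{ github.head_ref }} is command injection
# and how binding the value to an environment variable avoids it.

# Constructed attacker-controlled branch name. In the real attack the
# payload was far more elaborate; a harmless echo stands in for it here.
EVIL_BRANCH='main; echo INJECTED'

# Vulnerable pattern, e.g.   run: git checkout ${{ github.head_ref }}
# GitHub substitutes the expression into the script *text* before the
# shell starts, which we mimic with plain string concatenation. A
# harmless echo stands in for git so the demo touches no repository.
unsafe_step() {
    branch="$1"
    script="echo checking out $branch"   # the expanded step text
    sh -c "$script"                       # the ';' ends echo and runs the rest
}

# Hardened pattern:
#   env:
#     HEAD_REF: ${{ github.head_ref }}
#   run: git checkout "$HEAD_REF"
# The shell receives the name as a quoted variable value, never as code.
safe_step() {
    HEAD_REF="$1" sh -c 'echo checking out "$HEAD_REF"'
}

# Constructed sample workflow (not the real Ultralytics file): one
# injectable step and its hardened equivalent. pull_request_target runs
# in the base repository with its secrets and token, so injection there
# gives the attacker write access rather than a throwaway fork runner.
SAMPLE_WORKFLOW='name: format
on: pull_request_target
jobs:
  fmt:
    runs-on: ubuntu-latest
    steps:
      - run: git checkout ${{ github.head_ref }}
      - env:
          HEAD_REF: ${{ github.head_ref }}
        run: git checkout "$HEAD_REF"'

# Print "<line>:<text>" for every run: line that expands a field an
# external contributor controls (branch name, PR/issue/comment fields).
find_injectable_steps() {
    printf '%s\n' "$1" |
        grep -nE 'run:.*[$][{][{] *github\.(head_ref|event\.(pull_request|issue|comment|review)\.)'
}

# Usage: run the file directly to see both behaviours and the scanner hit.
echo '--- unsafe_step (a second output line proves the injection) ---'
unsafe_step "$EVIL_BRANCH"
echo '--- safe_step (the branch name stays one argument) ---'
safe_step "$EVIL_BRANCH"
echo '--- find_injectable_steps ---'
find_injectable_steps "$SAMPLE_WORKFLOW"
```

Quoting through an environment variable stops the shell from treating the branch name as code, but the more robust fix for a `pull_request_target` workflow is not to run anything derived from the pull request's head in the privileged context at all, and to scope the workflow's token to the minimum permissions it needs. The scanner is a triage aid, not a complete check: it only looks at `run:` lines and a handful of well-known contributor-controlled fields.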