{"meta":{"version":"v1","pricing":{"public":{"label":"Public","description":"Read-only API access for lightweight status checks and public integrations."},"premium":{"label":"Premium (early access)","description":"API keys with higher hourly quotas are available now; webhooks, alerting, and exports are on the roadmap."}},"generatedAt":"2026-07-09T04:29:04.538Z"},"data":{"id":"incident_statuspage_pypi_s8vm6pwr46c2","slug":"pypi-malicious-takeover-of-ctx-project-on-pypi-2022-05-24","title":"Malicious takeover of ctx project on PyPI.","summary":"Malicious takeover of ctx project on PyPI.","status":"resolved","severity":"minor","startedAt":"2022-05-24T17:32:32.668+00:00","updatedAt":"2022-05-24T17:33:16.862+00:00","resolvedAt":"2022-05-24T10:00:00+00:00","provider":{"slug":"pypi","name":"PyPI"},"affectedServices":[],"links":{"html":"/incidents/pypi-malicious-takeover-of-ctx-project-on-pypi-2022-05-24","api":"/api/v1/incidents/pypi-malicious-takeover-of-ctx-project-on-pypi-2022-05-24","providerHtml":"/providers/pypi"},"impactSummary":"PyPI reported a none event for the affected tracked services.","source":{"id":"source_pypi_status","kind":"official_api","name":"Python Infrastructure Status","checkedAt":"2026-07-09T04:25:01.936+00:00","officialUrl":"https://status.python.org","statusPageUrl":"https://status.python.org"},"updates":[{"id":"update_statuspage_pypi_s8vm6pwr46c2_wtr7gcryl0r8","status":"resolved","body":"This incident has been resolved.","createdAt":"2022-05-24T17:32:32.711+00:00"},{"id":"update_statuspage_pypi_s8vm6pwr46c2_vr9c630f70lj","status":"resolved","body":"Takeover of the ctx project was reported on multiple channels overnight and was mitigated as of 6:07 AM Eastern.\n\nWe confirmed via investigation that this compromise was of a single user account due to re-registration over an expired domain. The domain that hosted the users email address was re-registered 2022-05-14T18:40:05Z and a password reset completed successfully for the user at 2022-05-14T18:52:40Z. Original releases were then deleted and malicious copies uploaded.\n\nPyPI itself was not directly compromised.\n\nRead the full incident report at [https://python-security.readthedocs.io/pypi-vuln/index-2022-05-24-ctx-domain-takeover.html](https://python-security.readthedocs.io/pypi-vuln/index-2022-05-24-ctx-domain-takeover.html).","createdAt":"2022-05-24T17:33:00.79+00:00"}],"access":{"plan":"public","keyed":false}}}