amigapythonupdater @3.1.1
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID
MAL-2026-1136
Ecosystem
pypi
Summary
During import, and only in specific environments, a module containing code disguised as telemetry is imported. This code exfiltrates sensitive environment variables and cloud tokens to a hardcoded location, and starts a job that listens for commands to execute. Likely dependency confusion attempts.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-02-amigapythonupdater

Reasons (based on the campaign):

- exfiltration-generic
- exfiltration-env-variables
- The package contains code to execute remote commands (probably limited to a specific set) on the victim's machine.
- dependency-confusion
Source: kam193 (46cf32631436ddacf36a4984b254c10554b4e94c6099c5012a96ec3a7c5426a1)