Malicious
OSV ID
MAL-2026-3401
Ecosystem
pypi
Summary
During installation or import, package silently adds a new authorized SSH key. It's closely related to the 2026-05-ninja-core-utils campaign, but there is no built-in crypto exfiltration. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-ninja-ssh-proto Reasons (based on the campaign): - backdoor - obfuscation
Source: kam193 (ce4d4558612dd659843989e690b64a3c4073d5a4b34217c2e89a5325835da685)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.