gcpipwrap @0.1.9
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC
OSV ID
MAL-2026-2113
Ecosystem
pypi
Summary
These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious action between dependencies and are not malicious alone, but are used together to: exfiltrate information through DNS, collect information about the processes and covering tracks by installing packages from local private repositories. Package nspack additionally notifies upon importing a domain known for malicious activity with the package and hostname. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-03-geekennedy Reasons (based on the campaign): - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk. - The malicious code is intentionally included in a dependency of the package
Source: kam193 (af8d2f3dec668a16adf691aa26e16be82e62c2cdf993da1f4ff4afaceac30e92)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.