gemini-analyzer @1.0.9
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC
OSV ID
MAL-2026-3347
Ecosystem
pypi
Summary
The package is a RAT performing full exfiltration and executing remote commands through a custom RPC protocol over WebSockets, and eventually establishing a reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-gemini-analyzer Reasons (based on the campaign): - The package contains code to execute remote commands (probably limited to a specific set) on the victim's machine. - exfiltration-ssh-keys - files-exfiltration - exfiltration-credentials - rat - The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.
Source: kam193 (1c8996b17229185440fe7523f20f72ea848f3a001baa8946ca80fa6b5d3221ad)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.