pypi

httpprobe @1.0.0

Vulnerability report · Last retrieved from osv.dev July 5, 2026 at 12:12 AM UTC

Malicious

OSV ID

MAL-2026-6758

Ecosystem

pypi

Summary

If run as a module and during installation, the package attempts to download and start an executable described as a Mirai agent. During analysis, the Onion website hosting executable was not available. Using Onion and localhost fallback suggests the package was not yet ready to deliver malicious actions to the end users. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-07-httpprobe Reasons (based on the campaign): - Downloads and executes a remote executable. - The package overrides the install command in setup.py to execute malicious code during installation.

Source: kam193 (5a1fef079efe68484b2d37fb2e1bb3d0cebfeccf27a8a0f9b1e8436e664ea42e)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.