pypi

jupiter-sdk @0.1.1

Vulnerability report · Last retrieved from osv.dev July 12, 2026 at 3:37 PM UTC

Malicious

OSV ID

MAL-2026-10196

Ecosystem

pypi

Summary

During import, the code downloads and executes a remote script. The script collects sensitive files, including cryptocurrency wallet private keys and seeds, SSH keys, dotenv files and uploads them to IPFS. After that, it communicates with C2 and awaits further commands to execute. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-07-metemask-sdk Reasons (based on the campaign): - files-exfiltration - typosquatting - exfiltration-ssh-keys - crypto-related - Downloads and executes a remote malicious script. - exfiltration-crypto - The package contains code to execute remote commands (probably limited to a specific set) on the victim's machine. - uses:ipfs

Source: kam193 (4fe90c74194fd64c35606cd24835a77493495efe29bf6ad593cc4fa5a20f58be)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.