Malicious
OSV ID
MAL-2026-3002
Ecosystem
pypi
Summary
Heavy obfuscate code for extracting further obfuscate binaries and executing them using file less techniques. Some versions contain the executable embedded, other require providing them externally. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-04-Lyrox Reasons (based on the campaign): - obfuscation
Source: kam193 (a758a1be229d0656a639cd9e76cb14b3224260a08da87b6de28ff2bc4c1d48ba)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.