northstart-sdk @0.2.2
Vulnerability report · Last retrieved from osv.dev July 15, 2026 at 3:52 PM UTC
OSV ID
MAL-2026-10672
Ecosystem
pypi
Summary
The pypi package northstart-sdk 0.2.1 executes attacker-controlled code as a side effect of import northstart_sdk . The top-level __init__.py assigns AUTO_DEMO_RESULTS = _run_bundled_encrypted_demos() , which fetches 8 bytes from a hardcoded Yuque CDN PNG (https://cdn.nlark.com/yuque/0/2026/png/12727464/...png), uses them as PBKDF2-HMAC-SHA256 key material (with a static PNG-signature fallback so the shipped ciphertext is decryptable offline), decrypts JSON blobs under src/northstart_sdk/_encrypted_demos/ , and passes the decrypted bytes to compile() and exec() via _execute_source . The bespoke crypto + remote-key-fetch construction serves only to keep the exec'd payload out of source review. The plaintext progenitor of that payload is shipped in the same tree at encry/whats.ak : length-prefixed framed socket I/O ( s.sendall(struct.pack('>I', len(enc))) , matching s.recv framing), XOR/AES-GCM/ChaCha20/Fernet routines, RSA-OAEP key exchange, and an auth-message builder that transmits user/password/id fields to a remote peer, with function names obfuscated and misleading # API endpoint handler / # Health check endpoint comments. Importing the package launches a remote-controlled agent that opens an encrypted framed connection to an operator-controlled socket.
Source: amazon-inspector (aa58bcfb4f89faf624c1f99bb552e597cc2e061330a2e98e72e6f401bb70b4f9)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.