pypi

privaton-beacon-img-8f3603448690bdde-png @774.396.88

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-2201

Ecosystem

pypi

Summary

This package is an install-time-executable sdist that uses setup.py paired with an opaque data.bin payload and a beacon name.

Source: oracle-using-macaron (be565465ab48d5cf9d07625d2414c21814f63826ea9325c35dca838e40aa24e9)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.