pycacheopt @0.2.7
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC
OSV ID
MAL-2026-3371
Ecosystem
pypi
Summary
The extension module hides code that in specific circumstances executes given code. The malicious action is hidden only in the extension module with the same-named Python code file containing only benign code. This campaign was first detected by Aikido Security. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-pycacheopt Reasons (based on the campaign): - other - The package contains code to detect if it is running in a sandbox environment.
Source: kam193 (cf50eae305079227b5283e08547cc201f941624c95e49460c3e6544cdd1e221b)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.