pypi

pylogora @0.7.8

Vulnerability report · Last retrieved from osv.dev July 15, 2026 at 9:54 PM UTC

Malicious

OSV ID

MAL-2026-10689

Ecosystem

pypi

Summary

The typosquatted package installs a Mythic/Poseidon C2 framework beacon and ensures persistence. After installation, the beacon communicates with C2 on wegoexchange[.]site for further commands. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-07-tennacity Reasons (based on the campaign): - typosquatting - Downloads and executes a remote executable. - The package contains code to detect if it is running in a sandbox environment. - malware - persistence

Source: kam193 (b01e8dfbdf9823541eee73bd52086cac9e0ea70246992afe74873372b5d6a293)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.