rich-util @0.218.10
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC
OSV ID
MAL-2026-3659
Ecosystem
pypi
Summary
Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-py-requests Reasons (based on the campaign): - rat - typosquatting - persistence - Downloads and executes a remote malicious script. - crypto-related - clipboard-modify - exfiltration-browser-data - exfiltration-crypto - infostealer
Source: kam193 (cc191d72f2f92d966897d0f635b53afecd9a62e8b63de13fff125a00377fcb63)
Protect your entire dependency tree
Scan your lock files automatically on every PR. Block malicious packages before they reach production.