Logo
pypi

test-pkg-jie @1.4.0

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-3023

Ecosystem

pypi

Summary

During installation, the package attempts to create a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-04-my-package-jiecub3 Reasons (based on the campaign): - The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.

Source: kam193 (bc409f90d96c576263a60bd95ab30260b973097425292cdd53999e49cb3c4011)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.

SEE HACKTRON REVIEW → SCAN DEPENDENCIES