pypi

turbom @1.0.1

Vulnerability report · Last retrieved from osv.dev July 8, 2026 at 7:23 PM UTC

Malicious

OSV ID

MAL-2026-7015

Ecosystem

pypi

Summary

Starting version 1.0.1, the package contains obfuscated code and embedded binary that is executed during the import, sharing many similarities with package oxntime. The embedded seems to act as a guard for further execution, with some sandbox evasion techniques and time-based actions. Prior to 1.0.1, the package offered obfuscation techniques. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-07-oxntime Reasons (based on the campaign): - obfuscation - The package contains code to detect if it is running in a sandbox environment. - target:android - covering-tracks

Source: kam193 (64978153f8a987180b6c8e88b5787598ed949a604527f0098271f97d8c66a235)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.