Logo
pypi

zzzzthisisitwantsafecheckitzzzz @1.0.0

Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 3:29 AM UTC

Malicious

OSV ID

MAL-2026-2309

Ecosystem

pypi

Summary

During installation, if run under a specific username, the package downloads and installs two executables identified as backdoors trojans. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-03-thisismytest123 Reasons (based on the campaign): - Downloads and executes a remote executable. - backdoor - malware

Source: kam193 (fbef17827bf88f06c2278d700e386c98e2f1360fd533ba1415c9060ff56a037f)

Protect your entire dependency tree

Scan your lock files automatically on every PR. Block malicious packages before they reach production.

SEE HACKTRON REVIEW → SCAN DEPENDENCIES