MAL-2025-191657

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/requests-os/MAL-2025-191657.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2025-191657

Published

2025-10-22T16:22:18Z

Modified

2026-03-19T12:57:07.348123Z

Summary

Malicious code in requests-os (PyPI)

Details

-= Per source details. Do not edit below this line.=-

Source: kam193 (c944343070e83d2eab122e862b5c7349722ee7ceae5ae21e428926480681d24f)

Package contains capabilities for remote control of the user's computer and exfiltrating data

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-10-requests-os

Reasons (based on the campaign):

rat
typosquatting
backdoor
exfiltration-generic

Database specific

{
    "malicious-packages-origins": [
        {
            "import_time": "2025-12-02T09:09:39.236713594Z",
            "modified_time": "2025-12-01T12:54:57Z",
            "sha256": "e50a22cb721c4b0aa9988c063b5780b9b83ee1e6f71d956c08a5efeba36e6fd1",
            "source": "reversing-labs",
            "versions": [
                "1.0.0"
            ],
            "id": "RLMA-2025-05633"
        },
        {
            "import_time": "2025-12-02T22:30:55.538142845Z",
            "modified_time": "2025-10-22T16:22:18.962944Z",
            "sha256": "6fc264ccaee37a8db76ec4e4a262750f71ab25d557aae34a6c3cc96b08329275",
            "source": "kam193",
            "versions": [
                "1.0.0"
            ],
            "id": "pypi/2025-10-requests-os/requests-os"
        },
        {
            "import_time": "2025-12-02T23:07:18.576641284Z",
            "modified_time": "2025-10-22T16:22:18.962944Z",
            "sha256": "c944343070e83d2eab122e862b5c7349722ee7ceae5ae21e428926480681d24f",
            "source": "kam193",
            "versions": [
                "1.0.0"
            ],
            "id": "pypi/2025-10-requests-os/requests-os"
        },
        {
            "import_time": "2026-03-19T12:20:22.497822218Z",
            "modified_time": "2026-03-18T12:18:13Z",
            "sha256": "71c1fb1be00d5c213e25b3e577efae441b34a535f74d8da6c1fcbf3265f8ecbe",
            "source": "reversing-labs",
            "id": "RLUA-2026-00705"
        }
    ]
}

References

https://bad-packages.kam193.eu/pypi/package/requests-os

Credits

- Kamil Mańkowski (kam193)
- - https://github.com/kam193
  - https://bad-packages.kam193.eu/
- Kamil Mańkowski (kam193) - ANALYST
- - https://github.com/kam193
  - https://bad-packages.kam193.eu/
- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / requests-os

Package

Name: requests-os; View open source insights on deps.dev
Purl: pkg:pypi/requests-os

Affected ranges

Affected versions

1.*

1.0.0

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/requests-os/MAL-2025-191657.json"