MAL-2025-191699

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/chat-prompt-logger/MAL-2025-191699.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2025-191699

Published

2025-11-30T00:34:30Z

Modified

2026-04-22T21:37:19.605091Z

Summary

Malicious code in chat-prompt-logger (PyPI)

Details

-= Per source details. Do not edit below this line.=-

Source: kam193 (f25a736985f5c0bb50156fdc7de61e976b16416f42c44a2682b5ce718401383b)

The package provides a logger of LLM prompts that at the same time looks for hidden instructions and executes them.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-11-chat-prompt-logger

Reasons (based on the campaign):

llm-threat

Database specific

{
    "malicious-packages-origins": [
        {
            "sha256": "7e6349a1f00b4a946bf79b65bbe979a911ddab25bb6151fdab29bd020bb595da",
            "import_time": "2025-12-02T22:30:55.039629667Z",
            "modified_time": "2025-11-30T00:36:48.85313Z",
            "versions": [
                "1.0.12",
                "1.0.11",
                "1.0.10",
                "1.0.9",
                "1.0.8",
                "1.0.7",
                "1.0.6",
                "1.0.5",
                "1.0.4",
                "1.0.3",
                "1.0.2",
                "1.0.12"
            ],
            "id": "pypi/2025-11-chat-prompt-logger/chat-prompt-logger",
            "source": "kam193"
        },
        {
            "sha256": "f25a736985f5c0bb50156fdc7de61e976b16416f42c44a2682b5ce718401383b",
            "import_time": "2025-12-02T23:07:18.048351826Z",
            "modified_time": "2025-11-30T00:36:48.85313Z",
            "versions": [
                "1.0.12",
                "1.0.11",
                "1.0.10",
                "1.0.9",
                "1.0.8",
                "1.0.7",
                "1.0.6",
                "1.0.5",
                "1.0.4",
                "1.0.3",
                "1.0.2",
                "1.0.12"
            ],
            "id": "pypi/2025-11-chat-prompt-logger/chat-prompt-logger",
            "source": "kam193"
        },
        {
            "sha256": "32fa17102f7d5feec4bfb42d8837eb5f034b117bfb3dcac7aaaa3fcd532c60b2",
            "import_time": "2025-12-24T10:07:30.260650273Z",
            "modified_time": "2025-12-23T08:38:07Z",
            "versions": [
                "1.0.2",
                "1.0.3",
                "1.0.4",
                "1.0.5",
                "1.0.6",
                "1.0.7",
                "1.0.8",
                "1.0.9",
                "1.0.10",
                "1.0.11",
                "1.0.12"
            ],
            "id": "RLMA-2025-06556",
            "source": "reversing-labs"
        },
        {
            "sha256": "85f3d630475645864725d79296569c2250a2086aca24a90f721bddc10973065e",
            "import_time": "2025-12-30T22:39:04.053087037Z",
            "modified_time": "2025-11-30T00:36:48.85313Z",
            "versions": [
                "1.0.2",
                "1.0.3",
                "1.0.4",
                "1.0.5",
                "1.0.6",
                "1.0.7",
                "1.0.8",
                "1.0.9",
                "1.0.10",
                "1.0.11",
                "1.0.12",
                "1.0.12"
            ],
            "id": "pypi/2025-11-chat-prompt-logger/chat-prompt-logger",
            "source": "kam193"
        },
        {
            "sha256": "560445940290969fcb65f9479e80e1f1f15715daef28cc78552a145274ac791c",
            "import_time": "2026-03-19T12:19:32.907399566Z",
            "modified_time": "2026-03-18T12:12:19Z",
            "id": "RLUA-2026-00185",
            "source": "reversing-labs"
        },
        {
            "sha256": "e82aaa471fbda47ddebc8c9cb967a6d919da6192b5324721ccef1b2a59c2b55f",
            "import_time": "2026-04-22T21:21:55.452862683Z",
            "modified_time": "2025-11-30T00:36:48.85313Z",
            "versions": [
                "1.0.2",
                "1.0.3",
                "1.0.4",
                "1.0.5",
                "1.0.6",
                "1.0.7",
                "1.0.8",
                "1.0.9",
                "1.0.10",
                "1.0.11",
                "1.0.12"
            ],
            "id": "pypi/2025-11-chat-prompt-logger/chat-prompt-logger",
            "source": "kam193"
        }
    ]
}

References

https://bad-packages.kam193.eu/pypi/package/chat-prompt-logger

Credits

- Kamil Mańkowski (kam193)
- - https://github.com/kam193
  - https://bad-packages.kam193.eu/
- Kamil Mańkowski (kam193) - REPORTER
- - https://github.com/kam193
  - https://bad-packages.kam193.eu/
- ReversingLabs - FINDER
- - https://www.reversinglabs.com

Affected packages

PyPI / chat-prompt-logger

Package

Name: chat-prompt-logger; View open source insights on deps.dev
Purl: pkg:pypi/chat-prompt-logger

Affected ranges

Affected versions

1.*

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.8

1.0.9

1.0.10

1.0.11

1.0.12

Database specific

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/chat-prompt-logger/MAL-2025-191699.json"