MAL-2025-191710
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/d1n0-exploit-aaaa/MAL-2025-191710.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2025-191710
- Published
- 2025-11-14T17:23:39Z
- Modified
- 2025-12-03T00:20:27.486119Z
- Summary
- Malicious code in d1n0-exploit-aaaa (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: kam193 (64210508ed5694fbb8abfa75dbca12a3f6a0ebc0b653866d6fd01de23cdc5170)
Importing the module starts a reverse shell
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2025-11-d1n0
Reasons (based on the campaign):
- The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.
- Database specific
{ "malicious-packages-origins": [ { "source": "kam193", "sha256": "c5da1a696e114b609cd08c52de1bb1b10b2477ed3e5c670c7821206757310863", "versions": [ "0.0.1" ], "import_time": "2025-12-02T22:30:55.085458064Z", "modified_time": "2025-11-14T17:23:39.229286Z", "id": "pypi/2025-11-d1n0/d1n0-exploit-aaaa" }, { "source": "kam193", "sha256": "64210508ed5694fbb8abfa75dbca12a3f6a0ebc0b653866d6fd01de23cdc5170", "versions": [ "0.0.1" ], "import_time": "2025-12-02T23:07:18.098589602Z", "modified_time": "2025-11-14T17:23:39.229286Z", "id": "pypi/2025-11-d1n0/d1n0-exploit-aaaa" } ], "iocs": { "domains": [ "d1n0.me" ] } }- References
- Credits
-
-
- Kamil Mańkowski (kam193)
-
- Kamil Mańkowski (kam193) - ANALYST
-
Affected packages
PyPI / d1n0-exploit-aaaa
Package
- Name
- d1n0-exploit-aaaa
- View open source insights on deps.dev
- Purl
- pkg:pypi/d1n0-exploit-aaaa