MAL-2025-191767
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/jsonist/MAL-2025-191767.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2025-191767
- Published
- 2025-08-14T22:30:01Z
- Modified
- 2025-12-03T00:25:29.484151Z
- Summary
- Malicious code in jsonist (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: kam193 (4c74a199a696dbc18994242bc3c29e9a018ddda51fa2bbe224620d9ded6f1818)
Calling a method starts downloading and starting an infostealer script
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2025-08-secmeasure
Reasons (based on the campaign):
action-hidden-in-lib-usage
Downloads and executes a remote malicious script.
infostealer
- Database specific
{ "iocs": { "urls": [ "https://pastebin.com/raw/jaH2uRE1" ], "ips": [ "200.58.107.25" ] }, "malicious-packages-origins": [ { "versions": [ "0.1.0" ], "modified_time": "2025-08-14T22:30:01.857323Z", "sha256": "7f3396007d526f88250ad2b5c324ad8a550418f97213066b820b379ebd2cdbe6", "id": "pypi/2025-08-secmeasure/jsonist", "source": "kam193", "import_time": "2025-12-02T22:30:55.281606945Z" }, { "versions": [ "0.1.0" ], "modified_time": "2025-08-14T22:30:01.857323Z", "sha256": "4c74a199a696dbc18994242bc3c29e9a018ddda51fa2bbe224620d9ded6f1818", "id": "pypi/2025-08-secmeasure/jsonist", "source": "kam193", "import_time": "2025-12-02T23:07:18.305567195Z" } ] }- References
- Credits
-
-
- Kamil Mańkowski (kam193)
-
- Kamil Mańkowski (kam193) - REPORTER
-
Affected packages
PyPI / jsonist
Package
- Name
- jsonist
- View open source insights on deps.dev
- Purl
- pkg:pypi/jsonist