MAL-2025-192386
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/telcoo/MAL-2025-192386.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2025-192386
- Published
- 2025-12-09T08:05:51Z
- Modified
- 2026-04-22T21:35:29.721758Z
- Summary
- Malicious code in telcoo (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: kam193 (c96937a82adce2ecc6628245fd858587131511b4145c04f577ec25d8fa846577)
Running the module starts a reverse shell
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2025-12-evil-rce
Reasons (based on the campaign):
- The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.
- Database specific
{ "malicious-packages-origins": [ { "sha256": "c96937a82adce2ecc6628245fd858587131511b4145c04f577ec25d8fa846577", "id": "pypi/2025-12-evil-rce/telcoo", "source": "kam193", "modified_time": "2025-12-09T08:08:53.771598Z", "versions": [ "1.0.4", "1.0.3", "1.0.2", "1.0.4" ], "import_time": "2025-12-09T08:44:45.804195121Z" }, { "sha256": "e3f30e917ee86ce1c003daa06d10c8bc887a63c3661a06329cb3a3fa504494f5", "id": "pypi/2025-12-evil-rce/telcoo", "source": "kam193", "modified_time": "2025-12-09T08:08:53.771598Z", "versions": [ "1.0.2", "1.0.3", "1.0.4", "1.0.4" ], "import_time": "2025-12-30T22:39:04.195277079Z" }, { "sha256": "4511475153946aa974031c1d3e939d6c92c9d911bbabbd4c2d9cb79059bdac1d", "id": "pypi/2025-12-evil-rce/telcoo", "source": "kam193", "modified_time": "2025-12-09T08:08:53.771598Z", "versions": [ "1.0.2", "1.0.3", "1.0.4" ], "import_time": "2026-04-22T21:21:55.459007945Z" } ] }- References
- Credits
-
-
- Kamil MaĆkowski (kam193) - REPORTER
-
Affected packages
PyPI / telcoo
Package
- Name
- telcoo
- View open source insights on deps.dev
- Purl
- pkg:pypi/telcoo