MAL-2025-192435

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/loguru-utf8/MAL-2025-192435.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-192435
Published
2025-12-10T17:02:23Z
Modified
2025-12-10T19:47:15.054718Z
Summary
Malicious code in loguru-utf8 (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: kam193 (e20933ac001bbe12fd7962f9e12208f3224c836f3deba7669a649165232e0b78)

Package clones a popular package (loguru, jsonschema, ...). While it claims to have some additional features, the real change is an added compiled native library which is silently loaded in the background during the importing of the module. The exact behavior is unknown, but the binary is obfuscated

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-12-loguru-utf8

Reasons (based on the campaign):

  • clones-real-package

  • obfuscation

  • typosquatting

  • native-extension

Database specific 
{
    "malicious-packages-origins": [
        {
            "id": "pypi/2025-12-loguru-utf8/loguru-utf8",
            "import_time": "2025-12-10T17:40:56.35081846Z",
            "modified_time": "2025-12-10T17:02:23.953842Z",
            "versions": [
                "0.7.3"
            ],
            "sha256": "ed36240df4acc0e07b3e2a542c261afb54c1fe8466cf496057926b6c2dca3841",
            "source": "kam193"
        },
        {
            "id": "pypi/2025-12-loguru-utf8/loguru-utf8",
            "import_time": "2025-12-10T18:45:05.209803425Z",
            "modified_time": "2025-12-10T17:02:23.953842Z",
            "versions": [
                "0.7.3"
            ],
            "sha256": "e20933ac001bbe12fd7962f9e12208f3224c836f3deba7669a649165232e0b78",
            "source": "kam193"
        },
        {
            "id": "pypi/2025-12-loguru-utf8/loguru-utf8",
            "import_time": "2025-12-10T19:36:28.61942636Z",
            "modified_time": "2025-12-10T18:41:58.634419Z",
            "versions": [
                "0.7.3",
                "0.7.4"
            ],
            "sha256": "24dffce422aaa4e56a42c75c1dbe6cc6b8601fce2a450f244290e0c49100ece3",
            "source": "kam193"
        }
    ]
}
References
Credits

Affected packages

PyPI / loguru-utf8

Package

Name
loguru-utf8
View open source insights on deps.dev
Purl
pkg:pypi/loguru-utf8

Affected ranges

Affected versions

0.*

0.7.3
0.7.4