MAL-2025-2949

See a problem?
Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/colorizetext/MAL-2025-2949.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2025-2949
Published
2025-03-05T16:15:15Z
Modified
2026-04-16T15:58:30.399915Z
Summary
Malicious code in colorizetext (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: kam193 (23bf8532a92e751d1429028961f8b21697466cf5938e629cd11105928584f017)

Package has a hidden code starting an infostealer

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-03-colorizetext

Reasons (based on the campaign):

  • infostealer

  • obfuscation

Database specific 
{
    "iocs": {
        "urls": [
            "https://github.com/Uwu-Kagami"
        ]
    },
    "malicious-packages-origins": [
        {
            "source": "reversing-labs",
            "id": "RLMA-2025-01947",
            "modified_time": "2025-03-28T13:05:28Z",
            "sha256": "73aea433df0f3c717cbafc462b62b8a8c48e475c4b82544d869bb5de4aa3d7c7",
            "versions": [
                "0.1.1",
                "0.1.2",
                "0.1.3",
                "0.1.4"
            ],
            "import_time": "2025-03-31T07:07:05.08183651Z"
        },
        {
            "source": "kam193",
            "id": "pypi/2025-03-colorizetext/colorizetext",
            "modified_time": "2025-03-05T16:15:15Z",
            "sha256": "ea918aef023cdba6e2d62f4227124588059de8955cadeed028abb62bd23202d0",
            "ranges": [
                {
                    "type": "ECOSYSTEM",
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ]
                }
            ],
            "import_time": "2025-12-02T22:30:55.062521937Z"
        },
        {
            "source": "kam193",
            "id": "pypi/2025-03-colorizetext/colorizetext",
            "modified_time": "2025-03-05T16:15:15Z",
            "sha256": "23bf8532a92e751d1429028961f8b21697466cf5938e629cd11105928584f017",
            "ranges": [
                {
                    "type": "ECOSYSTEM",
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ]
                }
            ],
            "import_time": "2025-12-02T23:07:18.072274918Z"
        },
        {
            "source": "kam193",
            "id": "pypi/2025-03-colorizetext/colorizetext",
            "modified_time": "2025-03-05T16:15:15Z",
            "sha256": "6f5a82809c3a2708e443d4b2165197010ba23d478f8f7d67f0903995bd9390f8",
            "versions": [
                "0.1.0",
                "0.1.1",
                "0.1.2",
                "0.1.3"
            ],
            "import_time": "2025-12-10T21:38:57.364954611Z"
        },
        {
            "source": "reversing-labs",
            "id": "RLUA-2026-00215",
            "modified_time": "2026-03-18T12:12:43Z",
            "sha256": "e2f6bc5636189c5d92fa41ed47e9d7cab6883c71b87371d52e1f60a861d38e91",
            "import_time": "2026-03-19T12:19:35.398167237Z"
        },
        {
            "source": "reversing-labs",
            "id": "RLUA-2026-02068",
            "modified_time": "2026-04-16T10:25:55Z",
            "sha256": "51bb17dac846ecd1e51cf07e3c69749be0343a2cc552f459504c9514541c40e6",
            "versions": [
                "0.1.0"
            ],
            "import_time": "2026-04-16T15:39:34.605352283Z"
        }
    ]
}
References
Credits

Affected packages

PyPI / colorizetext

Package

Name
colorizetext
View open source insights on deps.dev
Purl
pkg:pypi/colorizetext

Affected ranges

Affected versions

0.*
0.1.0
0.1.1
0.1.2
0.1.3
0.1.4

Database specific

source 
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/colorizetext/MAL-2025-2949.json"