-= Per source details. Do not edit below this line.=-
When imported, the package attempts to exfiltrate environment variables and basic user info
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2025-07-triple-equals
Reasons (based on the campaign):
exfiltration-env-variables
The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.
{
"malicious-packages-origins": [
{
"versions": [
"10.0.5"
],
"id": "RLMA-2025-04242",
"modified_time": "2025-08-28T07:11:46Z",
"import_time": "2025-08-29T06:41:52.200617409Z",
"sha256": "579193d7aae052e05a939ea93ad44f8bd4185886f39e3441c1605a480910269d",
"source": "reversing-labs"
},
{
"id": "pypi/2025-07-triple-equals/requires-python",
"modified_time": "2025-07-28T19:00:15.05855Z",
"import_time": "2025-12-02T22:30:55.543301827Z",
"sha256": "206b3ac96122408ffbbda6deec04c04f185d3c9593c68669bf9ed247fcc7725f",
"ranges": [
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "0"
}
]
}
],
"source": "kam193"
},
{
"id": "pypi/2025-07-triple-equals/requires-python",
"modified_time": "2025-07-28T19:00:15.05855Z",
"import_time": "2025-12-02T23:07:18.581977045Z",
"sha256": "fa1ee2e2c3ead90338250a60177535b23b5f30016e1d06a5b944092cbc3305e7",
"ranges": [
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "0"
}
]
}
],
"source": "kam193"
},
{
"versions": [
"10.0.5"
],
"id": "pypi/2025-07-triple-equals/requires-python",
"modified_time": "2025-07-28T19:00:15.05855Z",
"import_time": "2025-12-10T21:38:57.790152305Z",
"sha256": "70e608cee8925bfd99294033811eece0e262363e1cfff761207d06d088f959e3",
"source": "kam193"
},
{
"id": "RLUA-2026-00716",
"modified_time": "2026-03-18T12:18:19Z",
"import_time": "2026-03-19T12:20:23.445635949Z",
"sha256": "dd9c6561ae4bdaa27af1e04d70ac63259edbae1186122a0812514b71435b7b35",
"source": "reversing-labs"
}
]
}