MAL-2026-3355
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/playwright-atoned/MAL-2026-3355.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-3355
- Published
- 2026-05-06T20:07:00Z
- Modified
- 2026-05-06T21:03:57.661658Z
- Summary
- Malicious code in playwright-atoned (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: kam193 (250795bc04569c6f87e372e4b6bed019148a1c78f4357e8e430c1865acfead07)
The package exfiltrates sensitive data like local environmental variables and cloud tokens
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-05-playwright-acustomed
Reasons (based on the campaign):
exfiltration-cloud-tokens
exfiltration-env-variables
exfiltration-generic
clones-real-package
- Database specific
{ "iocs": { "domains": [ "contabo.e-kounoupidi.gr" ], "urls": [ "https://contabo.e-kounoupidi.gr/gotcha", "https://contabo.e-kounoupidi.gr/gotchawebhook" ] }, "malicious-packages-origins": [ { "sha256": "250795bc04569c6f87e372e4b6bed019148a1c78f4357e8e430c1865acfead07", "source": "kam193", "modified_time": "2026-05-06T20:07:00.337114Z", "id": "pypi/2026-05-playwright-acustomed/playwright-atoned", "import_time": "2026-05-06T20:57:19.782684359Z", "versions": [ "0.1.0", "1.1.0", "1.2.0", "1.3.0" ] } ] }- References
- Credits
-
-
- Kamil MaĆkowski (kam193) - ANALYST
-
Affected packages
PyPI / playwright-atoned
Package
- Name
- playwright-atoned
- View open source insights on deps.dev
- Purl
- pkg:pypi/playwright-atoned