MAL-2026-5171
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/spaysdata/MAL-2026-5171.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-5171
- Published
- 2026-06-02T20:44:56Z
- Modified
- 2026-06-09T10:46:30.749390893Z
- Summary
- Malicious code in spaysdata (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: kam193 (55bfbc1a93fe9a662ed20b5fb651390a850c8f43e4d68d81677b4ffd0ca17bcf)
The package exfiltrates Roblox cookies from the victim machine.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-06-spaysrbdata
Reasons (based on the campaign):
- infostealer
- Database specific
{ "malicious-packages-origins": [ { "modified_time": "2026-06-02T20:45:15.575118Z", "versions": [ "0.1.0", "0.2.0", "0.3.0", "0.4.0", "0.4.2", "0.4.4", "0.4.5" ], "sha256": "55bfbc1a93fe9a662ed20b5fb651390a850c8f43e4d68d81677b4ffd0ca17bcf", "id": "pypi/2026-06-spaysrbdata/spaysdata", "source": "kam193", "import_time": "2026-06-02T22:19:08.77181853Z" }, { "modified_time": "2026-06-02T20:45:15.575118Z", "versions": [ "0.1.0", "0.2.0", "0.3.0", "0.4.0", "0.4.2", "0.4.4", "0.4.5" ], "sha256": "7c4f20bacc240589b8c9660a0b722f173309c6cd42cf577c7de2e4ee1e4009a1", "id": "pypi/2026-06-spaysrbdata/spaysdata", "source": "kam193", "import_time": "2026-06-09T10:41:59.93269461Z" } ], "iocs": { "urls": [ "https://script.google.com/macros/s/AKfycbwa8sLEdsG_leFVecuc_dFrZ_h5JnZKrWxXWazK1T6DoKGAGG5OJ9rznwYXg2PS-h1d/exec", "https://discord.com/api/webhooks/1513807955340820602/-UbLOjMGWIop17hrvQ7XsrZkJBJaNlMTueX7xnsJ9hz6DKaBgSe_Ur2FIgSJMHlusBwx" ] } }- References
- Credits
-
-
- Kamil MaĆkowski (kam193) - REPORTER
-
Affected packages
PyPI / spaysdata
Package
- Name
- spaysdata
- View open source insights on deps.dev
- Purl
- pkg:pypi/spaysdata