MAL-2026-5329
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/spaysdatarbx/MAL-2026-5329.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-5329
- Published
- 2026-06-08T13:43:18Z
- Modified
- 2026-06-09T10:46:30.042555782Z
- Summary
- Malicious code in spaysdatarbx (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: kam193 (31b0b97326861aabb747f26e130a5dbda5ac78100fafbb3a3327b1981119e3a6)
The package exfiltrates Roblox cookies from the victim machine.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-06-spaysrbdata
Reasons (based on the campaign):
- infostealer
- Database specific
{ "malicious-packages-origins": [ { "import_time": "2026-06-08T15:12:45.407175189Z", "versions": [ "0.1.3", "0.1.5" ], "sha256": "31b0b97326861aabb747f26e130a5dbda5ac78100fafbb3a3327b1981119e3a6", "id": "pypi/2026-06-spaysrbdata/spaysdatarbx", "source": "kam193", "modified_time": "2026-06-08T13:43:18.338578Z" }, { "modified_time": "2026-06-08T13:43:18.338578Z", "versions": [ "0.1.3", "0.1.5" ], "sha256": "ddffc9e3413a0002eb53a77c72679297563add6c776b89475e9e0bb83d516d49", "id": "pypi/2026-06-spaysrbdata/spaysdatarbx", "source": "kam193", "import_time": "2026-06-09T10:41:59.933480846Z" } ], "iocs": { "urls": [ "https://script.google.com/macros/s/AKfycbwa8sLEdsG_leFVecuc_dFrZ_h5JnZKrWxXWazK1T6DoKGAGG5OJ9rznwYXg2PS-h1d/exec", "https://discord.com/api/webhooks/1513807955340820602/-UbLOjMGWIop17hrvQ7XsrZkJBJaNlMTueX7xnsJ9hz6DKaBgSe_Ur2FIgSJMHlusBwx" ] } }- References
- Credits
-
-
- Kamil MaĆkowski (kam193) - REPORTER
-
Affected packages
PyPI / spaysdatarbx
Package
- Name
- spaysdatarbx
- View open source insights on deps.dev
- Purl
- pkg:pypi/spaysdatarbx