-= Per source details. Do not edit below this line.=-
The PyPI project jsonschemavalidation builds a wheel whose installed top-level package is literally jsonschema ([tool.hatch.build.targets.wheel] packages = ["src/jsonschema"]). Project metadata (author name, homepage pointing at github.com/python-jsonschema/jsonschema, README, description) mirrors the legitimate upstream jsonschema project. Installing this distribution places files into the real jsonschema import namespace on the installer, so import jsonschema in downstream code would resolve to the code shipped by this distribution rather than the genuine one. The current 4.26.0 contents appear to be an unmodified copy of upstream and no exfiltration, install-time fetch-and-execute, credential harvesting, silent-relay, backdoor, or other installer-harm payload is present in this version. The concern is the namespace-collision channel itself: a name-confusion distribution that populates a widely-used import name is a plausible squat/hijack setup, but name-similarity and namespace collision alone are subjective signals without a payload, so human review is appropriate rather than an automatic block.
A clone of a legitimate package with an embeded reverse shell. In the published version, the reverse shell was connecting to a private IP address suggesting the package was not yet fully weaponized.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-07-jsonschemavalidation
Reasons (based on the campaign):
The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.
clones-real-package
obfuscation
{
"malicious-packages-origins": [
{
"modified_time": "2026-07-07T15:29:07.803542Z",
"id": "pypi/2026-07-jsonschemavalidation/jsonschemavalidation",
"source": "kam193",
"import_time": "2026-07-07T16:25:33.946880197Z",
"sha256": "b7a6e1ff837eac0382559815111106e3e85b3825b72f38355551d5874cc24b0e",
"versions": [
"4.26.0"
]
},
{
"sha256": "eae82aa94c358f1f00f8a12e8b583cee82efdcf09d2f80263e6851ac0fec98f3",
"id": "IN-MAL-2026-008960",
"source": "amazon-inspector",
"import_time": "2026-07-08T23:27:55.812345434Z",
"modified_time": "2026-07-08T22:58:27Z",
"versions": [
"4.26.0"
]
}
]
}{
"evidence_files": [
{
"path": "pyproject.toml",
"tlsh": "c8d1d8f37a851bb46dca2154f98859019b364c3b25f1b939bb9f8049070ddbe83bc86d",
"sha256": "50b15390212893d290c805bdce5bfb689ab875d04d65c5e9ff5d91acde4756c3"
}
],
"package_integrity": [
{
"filename": "jsonschemavalidation-4.26.0-py3-none-any.whl",
"hashes": {
"md5": "ceb48ffdbd98a4a24f604820a45d5c98",
"blake2b_256": "2143d4b7230153dd4e4bdac7e231bc7a25eae97ed63363cc6175475551c221c1",
"sha256": "953ae490ebffaa05c49b9186de084704c1bbdd5f0915f9822dcb65b1d2057fe8"
}
},
{
"filename": "jsonschemavalidation-4.26.0.tar.gz",
"hashes": {
"md5": "0888bbfb11a540c7afa0bc30a3d97aae",
"blake2b_256": "9d76d6e87cbe52f52b06ded856f58d4b6d4e1e9b43a85fc396295605db7f52e4",
"sha256": "6e545c0dbba0dc91e5beb23180a29d90477639c5532d9c6e3699d588f6fd77df"
}
}
]
}
"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/jsonschemavalidation/MAL-2026-6945.json"
[
{
"description": "The product contains code that appears to be malicious in nature.",
"cweId": "CWE-506",
"name": "Embedded Malicious Code"
}
]