MAL-2026-696
See a problem?- Import Source
- https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/pathfiles/MAL-2026-696.json
- JSON Data
- https://api.osv.dev/v1/vulns/MAL-2026-696
- Published
- 2026-02-03T09:15:58Z
- Modified
- 2026-02-03T10:33:00.956892Z
- Summary
- Malicious code in pathfiles (PyPI)
- Details
-
-= Per source details. Do not edit below this line.=-
Source: kam193 (a96d53709493a07432f8619b9ca322fef0fb4bf9080a02da7e8f6bc03353b3c0)
Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at the moment, the package is clearly created for data exfiltration
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-02-pathfiles
Reasons (based on the campaign):
obfuscation
action-hidden-in-lib-usage
- Database specific
{ "malicious-packages-origins": [ { "sha256": "a96d53709493a07432f8619b9ca322fef0fb4bf9080a02da7e8f6bc03353b3c0", "source": "kam193", "modified_time": "2026-02-03T09:30:36.188013Z", "id": "pypi/2026-02-pathfiles/pathfiles", "import_time": "2026-02-03T09:48:14.790582247Z", "versions": [ "1.0.1", "1.0.8", "1.0.9" ] }, { "sha256": "2c8fab273f2136c763bb212071216bca9ac4ece66962e7afc14fa6d07cf67256", "source": "kam193", "modified_time": "2026-02-03T09:42:40.378878Z", "id": "pypi/2026-02-pathfiles/pathfiles", "import_time": "2026-02-03T10:17:17.545134258Z", "versions": [ "1.0.1", "1.0.8", "1.0.9", "1.1.1" ] } ] }- References
- Credits
-
-
- Kamil MaĆkowski (kam193) - REPORTER
-
Affected packages
PyPI / pathfiles
Package
- Name
- pathfiles
- View open source insights on deps.dev
- Purl
- pkg:pypi/pathfiles