-= Per source details. Do not edit below this line.=-
Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated.
Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.
Campaign: GENERIC-beacon-dependency-confusion
Reasons (based on the campaign):
typosquatting
dependency-confusion
{
"malicious-packages-origins": [
{
"modified_time": "2026-07-08T13:44:08.629544Z",
"sha256": "3234643a550a8e121b7f2cbee42e45fa90604a95258babd0b8a602ee97cf3045",
"versions": [
"0.0.1",
"0.1.0",
"0.1.1"
],
"import_time": "2026-07-08T14:18:00.733222652Z",
"source": "kam193",
"id": "pypi/GENERIC-beacon-dependency-confusion/manin"
}
]
}