{"id":"MAL-2025-191648","summary":"Malicious code in mcp-runcommand-server2 (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (36fb61d44529c380f204d5a210017989695ef39df6adfce7ccfb08e48a17b594)\nPackage starts a reverse shell to a hardcoded location\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2025-10-mcp-runcommand-server\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.\n","modified":"2026-03-19T12:54:38.419813Z","published":"2025-10-10T10:05:56Z","database_specific":{"iocs":{"ips":["45.115.38.27"]},"malicious-packages-origins":[{"modified_time":"2025-12-01T12:54:40Z","import_time":"2025-12-02T09:09:38.48818986Z","versions":["1.0.6"],"id":"RLMA-2025-05620","source":"reversing-labs","sha256":"27ac8c6aa1983e37941dd0e54bf06040a0b3274c459e304bc9bb09a22127d3b5"},{"modified_time":"2025-10-10T10:05:56.622459Z","import_time":"2025-12-02T22:30:55.329142505Z","versions":["1.0.6"],"id":"pypi/2025-10-mcp-runcommand-server/mcp-runcommand-server2","source":"kam193","sha256":"384331780fb13cb123275da0b3e4d52ef2acf5beabb5d90d810624fe4099cd7a"},{"modified_time":"2025-10-10T10:05:56.622459Z","import_time":"2025-12-02T23:07:18.357257926Z","versions":["1.0.6"],"id":"pypi/2025-10-mcp-runcommand-server/mcp-runcommand-server2","source":"kam193","sha256":"36fb61d44529c380f204d5a210017989695ef39df6adfce7ccfb08e48a17b594"},{"modified_time":"2026-03-18T12:15:56Z","import_time":"2026-03-19T12:20:02.631809902Z","id":"RLUA-2026-00503","source":"reversing-labs","sha256":"73107322dee0ccc3e592daa461014299c4daac49c933c8323b0e9edb26af23bb"}]},"references":[{"type":"WEB","url":"https://research.jfrog.com/post/3-malicious-mcps-pypi-reverse-shell"},{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/mcp-runcommand-server2"}],"affected":[{"package":{"name":"mcp-runcommand-server2","ecosystem":"PyPI","purl":"pkg:pypi/mcp-runcommand-server2"},"versions":["1.0.6"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/mcp-runcommand-server2/MAL-2025-191648.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"]},{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"},{"name":"ReversingLabs","contact":["https://www.reversinglabs.com"],"type":"FINDER"}]}