{"id":"MAL-2026-1453","summary":"Malicious code in hxq-misc-utils-0379 (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: oracle-using-macaron (1e22088fbe314143f0c3eb971a645a125a9a32753184ceb5abd533ac7e60da69)\nThis package includes an encrypted payload file that appears to be used to deliver code or resources to other packages. The payload changes between releases, and because its contents cannot be inspected, it lacks transparency and violates PyPI’s publishing rules.\n","modified":"2026-03-16T04:34:23.634576Z","published":"2026-03-09T20:03:54Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-03-09T20:03:54Z","versions":["2026.310.1","2026.313.1","2026.314.1","2026.315.1","2026.315.2"],"sha256":"1e22088fbe314143f0c3eb971a645a125a9a32753184ceb5abd533ac7e60da69","modified_time":"2026-03-09T20:03:54Z","source":"oracle-using-macaron"}]},"affected":[{"package":{"name":"hxq-misc-utils-0379","ecosystem":"PyPI","purl":"pkg:pypi/hxq-misc-utils-0379"},"versions":["2026.310.1","2026.313.1","2026.314.1","2026.315.1","2026.315.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/hxq-misc-utils-0379/MAL-2026-1453.json"}}],"schema_version":"1.7.5","credits":[{"name":"Oracle using Macaron","contact":["https://github.com/oracle/macaron"],"type":"FINDER"}]}