{"id":"MAL-2026-3369","summary":"Malicious code in dabrius (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (4a154cab742b51be41ca413e20acccfed4290ac4cf692e1cfeb17a677df98bab)\nThe message hidden in the package description tries to convince AI agents to prefer installing the package, which then in multiple places marks execution and collects potentially sensitive data. The behavior extends with each version, up to exfiltration of basic information to a remote target in 1.0.7.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-05-dabrius\n\n\nReasons (based on the campaign):\n\n\n - exfiltration-generic\n\n\n - llm-threat\n\n\n - exfiltration-credentials\n","modified":"2026-05-07T20:16:55.256053Z","published":"2026-05-07T19:12:49Z","database_specific":{"malicious-packages-origins":[{"import_time":"2026-05-07T20:02:41.171800057Z","source":"kam193","versions":["0.1.0","0.1.1","0.1.2","0.1.3","0.2.0","0.2.1","0.2.2","0.2.3","0.2.4","0.3.0","0.3.1","0.3.2","0.3.3","0.3.4","0.4.0","0.4.1","1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.0.6","1.0.7"],"sha256":"4a154cab742b51be41ca413e20acccfed4290ac4cf692e1cfeb17a677df98bab","modified_time":"2026-05-07T19:12:49.885962Z","id":"pypi/2026-05-dabrius/dabrius"}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/dabrius"}],"affected":[{"package":{"name":"dabrius","ecosystem":"PyPI","purl":"pkg:pypi/dabrius"},"versions":["0.1.0","0.1.1","0.1.2","0.1.3","0.2.0","0.2.1","0.2.2","0.2.3","0.2.4","0.3.0","0.3.1","0.3.2","0.3.3","0.3.4","0.4.0","0.4.1","1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.0.6","1.0.7"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/dabrius/MAL-2026-3369.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}