{"id":"MAL-2026-4176","summary":"Malicious code in dabrius-utils (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (381f128317bd76fe2e5d34df5decd7f27475bff72e646ccdb19cb1334a068b07)\nPackage is local-only PoC of supply chain attack. The commented code and name reveals relation to the previously uploaded package containing data exfiltration.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-05-dabrius\n\n\nReasons (based on the campaign):\n\n\n - exfiltration-generic\n\n\n - llm-threat\n\n\n - exfiltration-credentials\n","modified":"2026-05-19T19:46:41.512487116Z","published":"2026-05-19T19:00:15Z","database_specific":{"malicious-packages-origins":[{"versions":["0.0.1","0.0.2"],"id":"pypi/2026-05-dabrius/dabrius-utils","import_time":"2026-05-19T19:37:36.201502842Z","modified_time":"2026-05-19T19:00:15.321562Z","sha256":"381f128317bd76fe2e5d34df5decd7f27475bff72e646ccdb19cb1334a068b07","source":"kam193"}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/dabrius-utils"}],"affected":[{"package":{"name":"dabrius-utils","ecosystem":"PyPI","purl":"pkg:pypi/dabrius-utils"},"versions":["0.0.1","0.0.2"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/dabrius-utils/MAL-2026-4176.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"REPORTER"}]}