THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
Risk score
92
AI summary
Indexed incident for imgmatrix-analysis (pypi).
Description
-= Per source details. Do not edit below this line.=-
Source: kam193 (2a9f964e4264c7bcc91047fdfb9966b1ae807e1e60fafa559d5543ed6e3dc83e)
During import, the package executes remote commands sourced from a Google Sheet.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-06-imgmatrix-analysis
Reasons (based on the campaign):
- The package contains code to execute remote commands (probably limited to a specific set) on the victim's machine.
Technical details
Affected versions
<function fixed() { [native code] }
Indicators
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
- affected_version<function fixed() { [native code] }75%
Timeline
- Advisory published
- Indexed by ThreatPkg
Related incidents
- Malicious code in @aonunited/angular (npm)@aonunited/angular92
- Malicious code in rookie-security-test-pkg (npm)rookie-security-test-pkg92
- Malicious code in align_rest_api (RubyGems)align_rest_api92
- Malicious code in js-shared-modules (npm)js-shared-modules92
- Malicious code in @challenger6/vm-pattern-library (npm)@challenger6/vm-pattern-library92