THREATPKG
SYNC STALE

Supply-chain threat intelligence

Incident detail

criticalpypi·obfuscation·osv

Malicious code in datapipe-util (PyPI)

datapipe-util

Risk score

92

AI summary

Indexed incident for datapipe-util (pypi).

Description

-= Per source details. Do not edit below this line.=-

Source: kam193 (74a9da1afe75ec2379c4bade6ac5145c920900e1a1e1173d59b9003061e3fb0f)

The package intentionally uses the malicious binproto package deploying the malware.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-05-binproto

Reasons (based on the campaign):

  • obfuscation

  • Downloads and executes a remote executable.

  • action-hidden-in-lib-usage

  • malware

Technical details

Affected versions

<function fixed() { [native code] }

Indicators

  • affected_version<function fixed() { [native code] }75%
  • affected_version<function fixed() { [native code] }75%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents