THREATPKG
SYNC STALE

Supply-chain threat intelligence

Incident detail

criticalpypi·malware·osv

Malicious code in pylogfmt (PyPI)

pylogfmt

Risk score

92

AI summary

Indexed incident for pylogfmt (pypi).

Description

-= Per source details. Do not edit below this line.=-

Source: kam193 (ba18f7e82fa8d07985ef44f6ce5a8d4b7759f2e348b6ba073bba4dd463740d8e)

Package silently executes remote code during import.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-05-lognest

Reasons (based on the campaign):

  • Downloads and executes a remote malicious script.

Technical details

Affected versions

*

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents