THREATPKG
SYNC STALE

Supply-chain threat intelligence

Incident detail

criticalpypi·credential theft·osv

Malicious code in polymarket-data (PyPI)

polymarket-data

Risk score

92

AI summary

Indexed incident for polymarket-data (pypi).

Description

-= Per source details. Do not edit below this line.=-

Source: kam193 (a690aea77d0d48fae2a4f500f434cc5d4fb5cde042b7b902b0ee647b97921dc4)

The package attempts to exfiltrate sensitive data related to cryptocurrencies and API keys, as well as establish persistence. Likely related to 2026-05-polymarket-data-fetcher.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-05-polymarket-data

Reasons (based on the campaign):

  • crypto-related

  • exfiltration-crypto

  • exfiltration-credentials

  • persistence

Technical details

Affected versions

<function fixed() { [native code] }

Indicators

  • affected_version<function fixed() { [native code] }75%
  • affected_version<function fixed() { [native code] }75%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents