Supply-chain threat intelligence

Incident detail

critical · pypi · typosquatting · osv

Malicious code in urlllib321 (PyPI)

urlllib321

Risk score

92

AI summary

Indexed incident for urlllib321 (pypi).

Description

Package is a typosquatting or dependency-confusion attempt with a low-harm, local-only action, such as leaving a flag file.

Category: PROBABLY_PENTEST - Packages that look like typical pentest packages, and more broadly anything that looks like testing, exploration of pre-prepared kits, or research, with clearly low-harm potential.

Campaign: GENERIC-local-typosquatting

Reasons (based on the campaign):

  • dependency-confusion

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • typosquatting

Technical details

Affected versions

  • = 2.7.0
  • = 2.7.1

Indicators

  • affected version = 2.7.0 (75%)
  • affected version = 2.7.1 (75%)

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents