Supply-chain threat intelligence

Incident detail

criticalpypi·obfuscation·osv

Malicious code in confighub (PyPI)

confighub

Risk score

92

AI summary

Indexed incident for confighub (pypi).

Description

This package depends on malicious 'procwire', which starts malicious actions during installation.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-procwire

Reasons (based on the campaign):

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • Downloads and executes a remote executable.

  • obfuscation

  • The malicious code is intentionally included in a dependency of the package

  • malware

  • steganography

Technical details

Affected versions

=7.0.1=7.0.2

Indicators

  • affected version=7.0.175%
  • affected version=7.0.275%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents