Supply-chain threat intelligence
Risk score
92
Indexed incident for sufiagent (pypi).
Designed to run on Android. Under the mask of an AI agent, the code downloads a remote executable on import, and during usage, silently exfiltrates data like text messages and contacts.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-05-metoopro
Reasons (based on the campaign):
infostealer
files-exfiltration
exfiltration-generic
Downloads and executes a remote executable.
Affected versions
Indicators
Timeline