THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
Risk score
92
AI summary
Indexed incident for datapipe-util (pypi).
Description
The package intentionally uses the malicious binproto package deploying the malware.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-05-binproto
Reasons (based on the campaign):
obfuscation
Downloads and executes a remote executable.
action-hidden-in-lib-usage
malware
Technical details
Indicators
- affected version<function fixed() { [native code] }75%
- affected version<function fixed() { [native code] }75%
Timeline
- Advisory published
- Indexed by ThreatPkg