Supply-chain threat intelligence

Incident detail

criticalpypi·credential theft·osv

Malicious code in paysafe-payments (PyPI)

paysafe-payments

Risk score

92

AI summary

Indexed incident for paysafe-payments (pypi).

Description

When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-paysafe-api

Reasons (based on the campaign):

  • exfiltration-env-variables

  • dependency-confusion

  • action-hidden-in-lib-usage

  • The package contains code to detect if it is running in a sandbox environment.

  • obfuscation

Technical details

Affected versions

=1.0.0

Indicators

  • affected version=1.0.075%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents