Supply-chain threat intelligence

Incident detail

criticalpypi·malware·osv

Malicious code in pipspeed (PyPI)

pipspeed

Risk score

92

AI summary

Indexed incident for pipspeed (pypi).

Description

The package's advertised public entry point pipspeed._optimize() GETs a JSON document from https://www.jsonkeeper.com/b/53XMN (an anonymous, mutable paste host) and reads package, function, and args fields from the response. It then runs pip install <package> via subprocess, importlib.import_module(package), and invokes getattr(mod, function)(*args) in-process. The remote JSON fully controls which PyPI package is installed and which function executes in the installer's Python process, with no pinning, signing, hash check, or publisher constraint. Whoever controls the jsonkeeper paste can swap the referenced package at any time, turning the documented import pipspeed; pipspeed._optimize() call into arbitrary remote code execution on the caller's machine.

Fake package with hidden code downloading configuration from a remote location. It defines the next package to install and run. During analysis, the package instructed to install did not exist.

First discovered by Amazon Inspector.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-pipspeed

Reasons (based on the campaign):

  • Downloads and executes a remote malicious script.

  • action-hidden-in-lib-usage

Technical details

Affected versions

=0.1.0

Indicators

  • affected version=0.1.075%

Timeline

  1. Advisory published
  2. Indexed by ThreatPkg

Related incidents