Supply-chain threat intelligence
Incident detail
Risk score
92
AI summary
Indexed incident for request-cache-py (pypi).
Description
During import, package exfiltrates browsers data, SSH keys and other credential files, env variables and other sensitive data.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-06-request-cache-py
Reasons (based on the campaign):
infostealer
exfiltration-env-variables
exfiltration-ssh-keys
impersonation
A Telegram webhook is used to send collected data.
exfiltration-browser-data
The package contains code to detect if it is running in a sandbox environment.
exfiltration-credentials
The malicious code is intentionally included in a dependency of the package
Technical details
Affected versions
=1.0.0=1.0.1=1.0.2=1.0.3=1.0.4=1.0.5=1.0.6=1.0.7=1.0.8=1.0.9=1.1.0
Indicators
- affected version=1.0.075%
- affected version=1.0.175%
- affected version=1.0.275%
- affected version=1.0.375%
- affected version=1.0.475%
- affected version=1.0.575%
- affected version=1.0.675%
- affected version=1.0.775%
- affected version=1.0.875%
- affected version=1.0.975%
- affected version=1.1.075%
Timeline
- Advisory published
- Indexed by ThreatPkg