-= Per source details. Do not edit below this line.=-
During installation, the package exfiltrates random files.
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-07-manik
Reasons (based on the campaign):
The package overrides the install command in setup.py to execute malicious code during installation.
files-exfiltration
{
"malicious-packages-origins": [
{
"sha256": "9f5401ff0b4189038b0682df9360adf8a7b3f1c0b19f41726a9bb1ebb6770d5e",
"id": "pypi/2026-07-manik/manik",
"source": "kam193",
"import_time": "2026-07-08T17:01:37.697521914Z",
"versions": [
"1.2.1"
],
"modified_time": "2026-07-08T16:05:51.903791Z"
}
]
}