pypi · Malicious package advisory
Malwarepipspeed
MAL-2026-10213
Malicious code in pipspeed (PyPI)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (b1037d713fe94f92e9f1302a1c8fdfcd03ee290e1f2076e7c01cbd1305499e91) The package's advertised public entry point pipspeed._optimize() GETs a JSON document from https://www.jsonkeeper.com/b/53XMN (an anonymous, mutable paste host) and reads `package`, `function`, and `args` fields from the response. It then runs `pip install <package>` via subprocess, `importlib.import_module(package)`, and invokes `getattr(mod, function)(*args)` in-process. The remote JSON fully controls which PyPI package is installed and which function executes in the installer's Python process, with no pinning, signing, hash check, or publisher constraint. Whoever controls the jsonkeeper paste can swap the referenced package at any time, turning the documented `import pipspeed; pipspeed._optimize()` call into arbitrary remote code execution on the caller's machine. ## Source: kam193 (3e4b43c63e526b9741837cc11f98ffab5576e13f90f462100924778e29d2be17) Fake package with hidden code downloading configuration from a remote location. It defines the next package to install and run. During analysis, the package instructed to install did not exist. First discovered by Amazon Inspector. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-07-pipspeed Reasons (based on the campaign): - Downloads and executes a remote malicious script. - action-hidden-in-lib-usage
Compromised versions (1)
- 0.1.0
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.