VYPR
← All malware advisories

pypi · Malicious package advisory

Malware

pyexecutorsme

MAL-2026-3741

Malicious code in pyexecutorsme (PyPI)

Details


---
_-= Per source details. Do not edit below this line.=-_

## Source: kam193 (326ad16be9056f6cbd75fa4f9a47dec8c3613b56aa53d3e5d439efeef7c6fcad)
Package attempts to download and execute a script acting as remote access trojan.


---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.


Campaign: 2025-06-pyexecutorsme


Reasons (based on the campaign):


 - Downloads and executes a remote malicious script.


 - The package contains code to execute remote commands (probably limited to a specific set) on the victim's machine.


 - rat

Compromised versions (8)

  • 0.1.0
  • 0.1.1
  • 0.1.2
  • 0.1.3
  • 0.1.4
  • 0.1.5
  • 0.1.6
  • 0.1.7

Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.