pypi · Malicious package advisory
Malwarelognest
MAL-2026-4227
Malicious code in lognest (PyPI)
Details
--- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (8a52e16511fcccbee8bfd9e44dca8d6a3b5927bd5e66cf6fc7b849900c71ed9f) Package silently executes remote code during import. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-lognest Reasons (based on the campaign): - Downloads and executes a remote malicious script.
Compromised versions (5)
- 0.1.0
- 0.1.1
- 0.1.2
- 0.1.3
- 0.1.4
Any computer that installed or ran a compromised version should be considered fully compromised. Rotate every secret on that machine from a clean environment.