VDB
KO

MAL-2026-10139

Malicious code in turbocalc (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: kam193 (ae55c7a3030f0ff3493a885460511e83e257b4bd6b3e347136c43518b3bddfa2) During import an obfuscated code starts in-memory functions from a binary blob; after that, it communicates with dockfinancial[.]lu, the exact behaviour is unknown.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-turbocalc

Reasons (based on the campaign):

- obfuscation

- other

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / turbocalc

No fixed version published yet for turbocalc (pip). Pin to a known-safe version or switch to an alternative.

References