MAL-2026-10020
Malicious code in playwrightr (PyPI)
상세
--- _-= Per source details. Do not edit below this line.=-_
## Source: kam193 (0e8219b6ae0da7b60916526489bcd2f364db415113ff878ea52050127dfa37b9) Package downloads and runs a remote executable, which was found to downloads further exes and starting coine mining
---
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-07-pyqt6darktheme
Reasons (based on the campaign):
- cryptominer
- Downloads and executes a remote executable.
- malware
- The package overrides the install command in setup.py to execute malicious code during installation.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
No fixed version published yet for playwrightr (pip). Pin to a known-safe version or switch to an alternative.
참고
- https://tria.ge/260708-eg92psat5t [EVIDENCE]
- https://www.virustotal.com/gui/file/93be0d295af944feef85c8694f88a50b660f106a5ed18300252a72d8b43b69de/detection [EVIDENCE]
- https://www.virustotal.com/gui/file/1f1963b8ccabbb9aaae9ce93b78d91f4f01faf0a21aed8e71b2adece16f8d5e6/detection [EVIDENCE]
- https://bad-packages.kam193.eu/pypi/package/playwrightr [WEB]