VDB
KO

MAL-2026-10441

Malicious code in turbocalcng (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: kam193 (42db7e152a9be09d9e9dbd0db5242957ff335922fbc9cf430d406cff396a063f) During import an obfuscated code starts in-memory functions from a binary blob; after that, it communicates with dockfinancial[.]lu, the exact behaviour is unknown.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-turbocalc

Reasons (based on the campaign):

- obfuscation

- other

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / turbocalcng

No fixed version published yet for turbocalcng (pip). Pin to a known-safe version or switch to an alternative.

References