—

MAL-2026-5086

Malicious code in polymarket-data (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: kam193 (a690aea77d0d48fae2a4f500f434cc5d4fb5cde042b7b902b0ee647b97921dc4) The package attempts to exfiltrate sensitive data related to cryptocurrencies and API keys, as well as establish persistence. Likely related to 2026-05-polymarket-data-fetcher.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-05-polymarket-data

Reasons (based on the campaign):

- crypto-related

- exfiltration-crypto

- exfiltration-credentials

- persistence

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / polymarket-data

No fixed version published yet for polymarket-data (pip). Pin to a known-safe version or switch to an alternative.

References

https://bad-packages.kam193.eu/pypi/package/polymarket-data [WEB]