—
MAL-2026-5273
Malicious code in anthropy (PyPI)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: kam193 (4f399f7bce64b482a85876e01829154fd6031d69466c7d46543f1126eb12f854) During import, the package starts a reverse shell
---
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2026-06-anthropy
Reasons (based on the campaign):
- The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.
Are you affected?
Enter the version of the package you're using.
Affected packages
PyPI / anthropy
No fixed version published yet for anthropy (pip). Pin to a known-safe version or switch to an alternative.