—

MAL-2026-5878

Malicious code in cache-compat-utils (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: kam193 (3abe4019efea5cdd405c9129e127f5d8b05456422574e40b01c6ec3b10177975) The package contains obfuscated JS code with an infostealer harvesting all kinds of credentials, as well as a worm capable of spreading the infection further.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-cache-compat-utils

Reasons (based on the campaign):

- obfuscation

- malware

- infostealer

- exfiltration-credentials

- exfiltration-ssh-keys

- exfiltration-cloud-tokens

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / cache-compat-utils

No fixed version published yet for cache-compat-utils (pip). Pin to a known-safe version or switch to an alternative.

References

https://bad-packages.kam193.eu/pypi/package/cache-compat-utils [WEB]