MAL-2026-6231

Malicious code in improvado-layout-panel-metrics (PyPI)

Details

--- _-= Per source details. Do not edit below this line.=-_

## Source: kam193 (5aeeeb45ef8a0d58b7679829291f01f8455c466a416fe3706e9d2042666a40de)

During import, the package starts a reverse shell.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-acme-widget-layout-utils

Reasons (based on the campaign):

- The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.

## Source: ossf-package-analysis (45281220c3d37f2fbfa7f18d1d963443a5521d4d5c37614b0843202c32e8d528)

The OpenSSF Package Analysis project identified 'improvado-layout-panel-metrics' @ 0.1.1 (pypi) as malicious.

It is considered malicious because:

- The package executes one or more commands associated with malicious behavior.

Affected packages

PyPI / improvado-layout-panel-metrics

No fixed version published yet for improvado-layout-panel-metrics (pip). Pin to a known-safe version or switch to an alternative.
