MAL-2026-6978
Malicious code in manin (PyPI)
Details
--- _-= Per source details. Do not edit below this line.=-_
## Source: kam193 (3234643a550a8e121b7f2cbee42e45fa90604a95258babd0b8a602ee97cf3045) Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated.
---
Category: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.
Campaign: GENERIC-beacon-dependency-confusion
Reasons (based on the campaign):
- typosquatting
- dependency-confusion
Are you affected?
Enter the version of the package you're using.
Affected packages
No fixed version published yet for manin (pip). Pin to a known-safe version or switch to an alternative.