{"id":"MAL-2026-7006","summary":"Malicious code in manik (PyPI)","details":"\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (9f5401ff0b4189038b0682df9360adf8a7b3f1c0b19f41726a9bb1ebb6770d5e)\nDuring installation, the package exfiltrates random files.\n\n\n---\n\nCategory: MALICIOUS - The campaign has clearly malicious intent, like infostealers.\n\n\nCampaign: 2026-07-manik\n\n\nReasons (based on the campaign):\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n\n\n - files-exfiltration\n","modified":"2026-07-08T17:16:45.748433388Z","published":"2026-07-08T16:05:51Z","database_specific":{"malicious-packages-origins":[{"versions":["1.2.1"],"id":"pypi/2026-07-manik/manik","import_time":"2026-07-08T17:01:37.697521914Z","modified_time":"2026-07-08T16:05:51.903791Z","sha256":"9f5401ff0b4189038b0682df9360adf8a7b3f1c0b19f41726a9bb1ebb6770d5e","source":"kam193"}]},"references":[{"type":"WEB","url":"https://bad-packages.kam193.eu/pypi/package/manik"}],"affected":[{"package":{"name":"manik","ecosystem":"PyPI","purl":"pkg:pypi/manik"},"versions":["1.2.1"],"database_specific":{"source":"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/manik/MAL-2026-7006.json"}}],"schema_version":"1.7.5","credits":[{"name":"Kamil Mańkowski (kam193)","contact":["https://github.com/kam193","https://bad-packages.kam193.eu/"],"type":"ANALYST"}]}