New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
CRITICAL PyPI Malware

Malicious code in confighub (PyPI)

MAL-2026-6752

Published · Modified

Description


__

Source: kam193 (7c0b6d6eae8eecdf0317e7d4c624ff2a1eee1ca58c92c6b4fac34dd2567f4556)

This package depends on malicious 'procwire', which starts malicious actions during installation.


Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2026-07-procwire

Reasons (based on the campaign):

  • The package overrides the install command in setup.py to execute malicious code during installation.

  • Downloads and executes a remote executable.

  • obfuscation

  • The malicious code is intentionally included in a dependency of the package

  • malware

  • steganography

Ready to move

Start Securing

Free, no credit card | First findings in minutes