mcp-runcommand-server

MAL-2025-191647

PyPImalware10/10/2025
Description

Malicious code in mcp-runcommand-server (PyPI)

Indicators of Compromise
SHA256 Hashes (5)
47adfa8ad8aaeda60898c3ee3f94d214c39a6cbbf5849b129803b33445711dac
133374a34eb4699b428be2676d5e2595aec20f89e6e9efd9bab5d189aab718a7
17f8adb9e7e30e13f8656300881d4e04975f499c03c2f1dbea2e00fd86c357a5
a0e816fae11239ebbb35bbbf5c96247018cef59df505c7ee4b5a79abd890126e
c1c16f47009ac9683f5a092041d6bad2f1dc7b7e3c158817575def3f4ca24c84
IP Addresses (1)
45.115.38.27
References (2)
https://research.jfrog.com/post/3-malicious-mcps-pypi-reverse-shellOSVhttps://bad-packages.kam193.eu/pypi/package/mcp-runcommand-serverOSV
Details
EcosystemPyPI
Attack Typemalware
Published10/10/2025
Quick Actions
All IncidentsPyPI Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001