mcp-runcommand-server2

MAL-2025-191648

PyPImalware10/10/2025
Description

Malicious code in mcp-runcommand-server2 (PyPI)

Indicators of Compromise
SHA256 Hashes (4)
27ac8c6aa1983e37941dd0e54bf06040a0b3274c459e304bc9bb09a22127d3b5
384331780fb13cb123275da0b3e4d52ef2acf5beabb5d90d810624fe4099cd7a
36fb61d44529c380f204d5a210017989695ef39df6adfce7ccfb08e48a17b594
73107322dee0ccc3e592daa461014299c4daac49c933c8323b0e9edb26af23bb
IP Addresses (1)
45.115.38.27
References (2)
https://research.jfrog.com/post/3-malicious-mcps-pypi-reverse-shellOSVhttps://bad-packages.kam193.eu/pypi/package/mcp-runcommand-server2OSV
Details
EcosystemPyPI
Attack Typemalware
Published10/10/2025
Quick Actions
All IncidentsPyPI Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001