richx

MAL-2025-191658

PyPItyposquat10/31/2025
Description

Malicious code in richx (PyPI)

Indicators of Compromise
SHA256 Hashes (6)
036fba5a603820dcef3d116881967e5b16752ba12ab9defa82108ea1b9d5d74e
4c0132f75e4f988478a217acec24062b5e1fd4db594160f82753587abf21e54f
69bf6a25eb1113fcd3fb44186249000b57a995656da40d198f084fcb2fd2525b
924fa9cf3bc0754ab76a7b5960deb5b7295f4f0f3270cc5724214bdd7d543675
76a88a6f9ca106cdb5e71308ced90231e0319ebe14428736d0848d0191815a56
8b61bfdcf618edfa504103905add2cb1f4b6438931611f93a8a3ac4c6b2da9e3
References (3)
https://www.cert.at/en/blog/2025/10/how-typosquatting-tricked-me-a-bitOSVhttps://bad-packages.kam193.eu/pypi/package/richxOSVhttps://www.cert.at/en/blog/2025/10/how-typosquatting-tricked-me-a-bitOSV
Details
EcosystemPyPI
Attack Typetyposquat
Published10/31/2025
Quick Actions
All IncidentsPyPI Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001