graphsync

MAL-2025-192385

PyPImalware12/9/2025
Description

Malicious code in graphsync (PyPI)

Indicators of Compromise
SHA256 Hashes (3)
dbb10327d6553750848c2b849abba1ed717438928a6cfdc148b73de73db8e9db
5f90028620c243d8f4c4345f3d9de2b21c0d1fcc6a7b56d7654589baa760f39f
ec94d3fbe5a41c721fdb8f6de0b7485d5b8a13e61f65f72a7e0754c7f5589ae6
Domains (1)
aurevian.cloud
References (2)
https://bad-packages.kam193.eu/pypi/package/graphsyncOSVhttps://www.reversinglabs.com/blog/fake-recruiter-campaign-crypto-devsOSV
Details
EcosystemPyPI
Attack Typemalware
Published12/9/2025
Quick Actions
All IncidentsPyPI Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001