extrazip

MAL-2025-192948

PyPImalware12/27/2025

Description

Malicious code in extrazip (PyPI)

Indicators of Compromise

SHA256 Hashes (2)

f58777710463b043a0724ad1d7999807501b56667a10eced314fd036e9303fdf

9aa3db32c22351c4dfcbfdfce89fb38ca19fac546dba3f82d084212f8c830632

IP Addresses (2)

77.105.161.16487.120.107.132

References (4)

https://www.virustotal.com/gui/file-analysis/MGEwNWE0MzhlMTU3NTUxZTU1OGI4NTRkYTA2MWMxM2M6MTc2MzgzMDEyNA==OSV https://www.virustotal.com/gui/file/8808a0a09c0180afe742f0265f8b42bf671bc2083dcecd47c1515f52554200d9/detectionOSV https://bad-packages.kam193.eu/pypi/package/extrazipOSV https://www.getsafety.com/blog-posts/extrazip-malware-campaignOSV

Details

EcosystemPyPI

Attack Typemalware

Published12/27/2025

Quick Actions

All Incidents PyPI Incidents

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001