confighum

MAL-2025-6482

PyPImalware7/4/2025
Description

Malicious code in confighum (PyPI)

Indicators of Compromise
SHA256 Hashes (6)
ca727db60ee7e06d2585cfa6fa45d79769dc0088f159e72182d9034dd9247c78
fea5a4ad0eedbf123c02f1c5e46a5bdf8ed6ce2ec8b5b002aa1043bd2263f81e
511ffd6fba9383efcec010bdbd12b19e237a79e473dff14a511a8fc9f2e368ba
48541202bca35853be1841a589b97e639fd36966f0d88900d11ff28be1b85b61
2195a301afe9c87930da8d0b5cc6bbb3c19a5096b68fabcdbef65da1d5769640
47b7e6787caa223fbc2581af974d868ffe96c545f273484cc341b81552b89b29
Domains (3)
chrome-data-receiver.up.railway.appchrome-extract.up.railway.appvell-production.up.railway.app
References (2)
https://www.fortinet.com/blog/threat-research/malicious-packages-across-open-source-registriesOSVhttps://bad-packages.kam193.eu/pypi/package/confighumOSV
Details
EcosystemPyPI
Attack Typemalware
Published7/4/2025
Quick Actions
All IncidentsPyPI Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001