renderkitcore

MAL-2026-3214

PyPIbackdoor5/1/2026

Description

Malicious code in renderkitcore (PyPI)

Indicators of Compromise

SHA256 Hashes (1)

a66bf58bff553ec613604164eb60adcb89fcde468491b746838a6e2c18b0e3a0

Domains (2)

renderkit1.vercel.appctx-graphics.vercel.app

References (4)

https://github.com/0xsebasneuronOSV https://socket.dev/supply-chain-attacks/north-korea-s-contagious-interview-campaignOSV https://github.com/0xsebasneuron/polymarket-arbitrage-copy-trading-bot-V2/commit/4dae9aea3c35a627a7f38a28946f73af18930a3e#diff-4d7c51b1efe9043e44439a949dfd92e5827321b34082903477fd04876edb7552OSV https://bad-packages.kam193.eu/pypi/package/renderkitcoreOSV

Details

EcosystemPyPI

Attack Typebackdoor

Published5/1/2026

Quick Actions

All Incidents PyPI Incidents

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001