celium-collateral-upgrade

MAL-2026-52

PyPItyposquat1/5/2026

Description

Malicious code in celium-collateral-upgrade (PyPI)

Indicators of Compromise

SHA256 Hashes (1)

adea9a91926d593420b0d9d07dd66bc5656bb42bf3735074a3f33533800a79dc

Domains (2)

bitensor.xyzcameradriver.pro

IP Addresses (1)

23.227.203.99

References (4)

https://dmpdump.github.io/posts/NorthKorea_Backdoor_Stealer/OSV https://www.virustotal.com/gui/file-analysis/NTk2Y2FiNTBmM2QxODI2NDRlZGM0OTA2OGVjYzUxOTk6MTc2NzYzMzkzMA==OSV https://www.virustotal.com/gui/file/d02d6a5da3cff57d78e260961526420c172a46f4a07d18a3865fecbf5dfebc1d/detectionOSV https://bad-packages.kam193.eu/pypi/package/celium-collateral-upgradeOSV

Details

EcosystemPyPI

Attack Typetyposquat

Published1/5/2026

Quick Actions

All Incidents PyPI Incidents

Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives

PoC for every finding

30+ tools orchestrated

Book a Demo Learn More

Setup in 5 minutesSOC 2 & ISO 27001