PROBABLY_PENTEST (1) campaign cataloged at 2025-07-04(2).

1. Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.
2. This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.

2025-07-malimalo

The only goal of the package is to execute a webhook or a suspicious file during installation.

Closely related to 2025-07-0x9xnx - created after previous packages were quarantined, similar names, similar usage, but no clearly malicious parts.

Abuse categories

override_install

The package overrides the install command in setup.py to execute malicious code during installation.

Packages in the campaign

campaign:2025-07-malimalo

• malicus
• maliinn
• malimalo
• malimaloo
• malimalooo
• malinssx