HIGHLY_SUSPICIOUS (1) campaign cataloged at 2025-07-04(2).
- Packages that are likely malicious, but due to the obfuscation level, lack of time or clear indicators it's hard to say what exactly they do; the highest risk of false positives.
- This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.
2025-07-reade¶
If imported, the package attempts to execute code from a URL hidden in the README file. However, the file is not included in the package, which indicates either an issue during packaging or preparing for a usage as dependency.
Due to lack of the file, it's not possible to 100% determine intentions.
Abuse categories¶
remote_script
Downloads and executes a remote malicious script.