HIGHLY_SUSPICIOUS (1) campaign cataloged at 2026-01-26(2).

1. Packages that are likely malicious, but due to the obfuscation level, lack of time or clear indicators it's hard to say what exactly they do; the highest risk of false positives.
2. This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.

2026-01-moti

Package is prepared to automatically run detached script. The script code has to be provided through a manual action and env variables from a GitHub repository, and is not included in the repo.

Abuse categories

other

Campaign uses other.

remote_script

Downloads and executes a remote malicious script.

Packages in the campaign

campaign:2026-01-moti

• moti