HIGHLY_SUSPICIOUS (1) package from Python Package Index.
- Packages that are likely malicious, but due to the obfuscation level, lack of time or clear indicators it's hard to say what exactly they do; the highest risk of false positives.
hello-world-client-fuck¶
Affected versions: (1) 0.0.1, 0.0.2, 0.0.3, 0.0.4, 0.0.5, 0.0.6, 0.0.7, 0.0.8, 0.0.9, 0.0.10, 0.0.11, 2105.446.11, 2105.446.22, 2105.521.1130, 2105.611.5813, 2105.613.3222, 2105.614.1032, 2105.614.1413, 2105.614.1847, 2105.615.3407, 2105.615.5204, 2105.701.3618, 2105.703.4929, 2105.915.3600, 2105.1221.4641, 1620856261, 1620925123, 1620928254
- Version numbers are usually added automatically. In most cases, the packages listed here were created only to distribute malicious code.
Campaign data¶
Campaign information may not always be 100% accurate for every related package.
Campaign description
Packages that seem to be risky or a part of potential malicious activity, but without any confirmed malicious usage.
See more details on the campaign page.
Look up in other services¶
- Check metadata in pypi-data project (1)
- Search for the package in deps.dev(2)
- Search for the package in socket.dev (3)
- Search for the package in secure.software (4)
- Search for the package in Snyk Advisor (5)
- May not be available. See more in pypi-json-data repository.
- Open Source Insights project, provided by Google.
- Service from Socket.dev, a cybersecurity company.
- Spectra Assure Community, a service from ReversingLabs, a cybersecurity company.
- Service from Snyk, a cybersecurity company.