Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Mondoo Vulnerability Intelligence
Search vulnerabilities and malicious packages across npm, PyPI, Go, GitHub Actions, VS Code, and more.
Search vulnerabilities and malicious packages across npm, PyPI, Go, GitHub Actions, VS Code, and more.
-= Per source details. Do not edit below this line.=-
During installation, a script to execute remote commands through a Discord bot is installed, ensuring its persistence over reboots
Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.
Campaign: 2025-11-hooktest1
Reasons (based on the campaign):
The package overrides the install command in setup.py to execute malicious code during installation.
The package contains code to execute remote commands (probably limited to a specific set) on the victim's machine.
rat
0.1.1Exploitability
AV:NAC:L10.0/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H