failIncident: Malware

Scanned:

dbgpkg

Artifact:

latest

malicious

Research

Python Debugging Toolkit

License: Permissive (MIT)

Published:

See on PyPI

SAFE Assessment

Compliance

Licenses

No license compliance issues

Secrets

No sensitive information found

Security

Vulnerabilities

No known vulnerabilities detected

Hardening

No application hardening issues

Threats

Tampering

2 malware-like behaviors found

Malware

3 supply chain attack artifacts

IMPORTANT: All versions of this package have been malicious

Latest malware incident detected:

Version: 1.3.8

INCIDENTS:

malware

Reported By: ReversingLabs (Researcher)

Learn more about malware detection

malware

Reported By: Community (OpenSSF)

More info

List of software behaviors discovered with static code analysis.

Info

Count

Prevalence in PyPI community

No behavior prevalence information at this time

Contains URLs related to paste-and-share services.1

network

Prevalence in PyPI community

Behavior uncommon for this community (Uncommon)

1 packages

found in

Top 100

17 packages

found in

Top 1k

104 packages

found in

Top 10k

3113 packages

in community

Imports the "sys" module, which provides access to system-specific parameters and functions.2

execution

Prevalence in PyPI community

Behavior often found in this community (Common)

100 packages

found in

Top 100

843 packages

found in

Top 1k

7075 packages

found in

Top 10k

339347 packages

in community

Imports the "subprocess" module, which provides functions for creating new processes.1

execution

Prevalence in PyPI community

Behavior often found in this community (Common)

57 packages

found in

Top 100

456 packages

found in

Top 1k

3002 packages

found in

Top 10k

132844 packages

in community

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.