Spectra Assure
Community
failIncident: Malware
Scanned: 8 days ago

kzip

Artifact:
latest
removed
malicious
A compact Python library for archiving and extracting ZIP files.
License: Permissive (MIT)
Published: about 2 months ago
See on PyPI

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
No known vulnerabilities detected
Hardening
No application hardening issues

Threats

Tampering
1 components prone to hijacking
Malware
3 supply chain attack artifacts

INCIDENTS FOR THIS VERSION:

removal
about 2 months agoReported By: Community
malware
about 2 months agoReported By: Community (OpenSSF)
More info
malware
about 1 month agoReported By: ReversingLabs (Researcher)
Learn more about malware detection
List of software behaviors discovered with static code analysis.
Info
Count
Category

Prevalence in PyPI community

Behavior uncommon for this community (Uncommon)
0 packages
found in
Top 100
3 packages
found in
Top 1k
5 packages
found in
Top 10k
59 packages
in community

Prevalence in PyPI community

Behavior uncommon for this community (Uncommon)
4 packages
found in
Top 100
12 packages
found in
Top 1k
55 packages
found in
Top 10k
1.35k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
6 packages
found in
Top 100
16 packages
found in
Top 1k
81 packages
found in
Top 10k
1.68k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
39 packages
found in
Top 100
252 packages
found in
Top 1k
1477 packages
found in
Top 10k
53.15k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
22 packages
found in
Top 100
78 packages
found in
Top 1k
407 packages
found in
Top 10k
12.62k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
70 packages
found in
Top 100
472 packages
found in
Top 1k
4207 packages
found in
Top 10k
413.79k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
49 packages
found in
Top 100
386 packages
found in
Top 1k
2551 packages
found in
Top 10k
118.44k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
62 packages
found in
Top 100
578 packages
found in
Top 1k
4231 packages
found in
Top 10k
217.95k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
96 packages
found in
Top 100
821 packages
found in
Top 1k
6994 packages
found in
Top 10k
450.45k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
27 packages
found in
Top 100
151 packages
found in
Top 1k
848 packages
found in
Top 10k
18.31k packages
in community

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.