Skip to content

pyg-utils malicious PyPI package

Malware Published Aug 30, 2022 to the GitHub Advisory Database • Updated Aug 30, 2022

Package

pip pyg-utils (pip)

Affected versions

>= 0

Patched versions

None

Description

Security researchers at Check Point Research discovered a malicious package called pyg-utils. PyPI has since removed pyg-utils.

References

Published to the GitHub Advisory Database Aug 30, 2022
Last updated Aug 30, 2022

EPSS score

Weaknesses

GHSA ID

GHSA-p8ph-q2m4-p5wv

Source code

No known source code
Improvements are not currently accepted on this advisory because this package is malware and has no patched versions. If there is something to change, please open an issue at https://github.com/github/advisory-database/issues.