github · saivarun3407 · Feb 7, 2026
diff --git a/.DS_Store b/.DS_Store
diff --git a/advisories/.DS_Store b/advisories/.DS_Store
diff --git a/advisories/malware/.DS_Store b/advisories/malware/.DS_Store
diff --git a/advisories/malware/pypi/.DS_Store b/advisories/malware/pypi/.DS_Store
diff --git a/advisories/malware/pypi/p7zip-full/MAL-2026-790.json b/advisories/malware/pypi/p7zip-full/MAL-2026-790.json
@@ -0,0 +1,59 @@
+{
+  "id": "MAL-2026-790",
+  "summary": "Malicious code in p7zip-full (PyPI)",
+  "details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: kam193 (af6725a21a64c36ce8e101fd062bb45cb87fdb8cb62df47538390c6c1fc4323c)\nInstalling the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.\n\n\n---\n\nCategory: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research & co, with clearly low-harm possibilities.\n\n\nCampaign: GENERIC-standard-pypi-install-pentest\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n",
+  "modified": "2026-02-06T10:29:40.316315Z",
+  "published": "2026-02-06T09:30:38Z",
+  "database_specific": {
+    "malicious-packages-origins": [
+      {
+        "id": "pypi/GENERIC-standard-pypi-install-pentest/p7zip-full",
+        "source": "kam193",
+        "sha256": "af6725a21a64c36ce8e101fd062bb45cb87fdb8cb62df47538390c6c1fc4323c",
+        "versions": [
+          "0.1.0",
+          "0.2.0",
+          "1.0.0",
+          "2.0.0"
+        ],
+        "modified_time": "2026-02-06T09:30:38.598924Z",
+        "import_time": "2026-02-06T10:18:16.426835331Z"
+      }
+    ]
+  },
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://bad-packages.kam193.eu/pypi/package/p7zip-full"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "name": "p7zip-full",
+        "ecosystem": "PyPI",
+        "purl": "pkg:pypi/p7zip-full"
+      },
+      "versions": [
+        "0.1.0",
+        "0.2.0",
+        "1.0.0",
+        "2.0.0"
+      ],
+      "database_specific": {
+        "source": "https://github.com/ossf/malicious-packages/blob/main/osv/malicious/pypi/p7zip-full/MAL-2026-790.json"
+      }
+    }
+  ],
+  "schema_version": "1.7.3",
+  "credits": [
+    {
+      "name": "Kamil Mańkowski (kam193)",
+      "contact": [
+        "https://github.com/kam193",
+        "https://bad-packages.kam193.eu/"
+      ],
+      "type": "ANALYST"
+    }
+  ]
+}