Skip to content

PyProto2 malicious PyPI package

Malware Published Aug 30, 2022 to the GitHub Advisory Database

Package

pip PyProto2 (pip)

Affected versions

>= 0

Patched versions

None

Description

Security researchers at Check Point Research discovered a malicious package called PyProto2. PyPI has since removed PyProto2.

References

Published to the GitHub Advisory Database Aug 30, 2022

Weaknesses

GHSA ID

GHSA-gw4j-fhj8-497m

Source code

No known source code
Improvements are not currently accepted on this advisory because this package is malware and has no patched versions. If there is something to change, please open an issue at https://github.com/github/advisory-database/issues.