MAL-2026-6736: Malicious code in unreal-mladapter (PyPI)
The unreal-mladapter package on PyPI contains malicious code that exfiltrates basic information such as the host's IP address and username upon installation or import. The package overrides the install command in setup.py to execute this malicious behavior. It serves no legitimate purpose beyond this data exfiltration. The risk is considered limited due to the nature of the data collected and the context of the package.
AI Analysis
Technical Summary
The unreal-mladapter PyPI package is a malicious package that executes code during installation by overriding the setup.py install command. This code collects and exfiltrates basic system information including IP address and username. The package does not provide any legitimate functionality and is categorized as a probable pentest or low-harm malicious package. There is no evidence of further exploitation or advanced payloads beyond this data exfiltration.
Potential Impact
Installation or import of the unreal-mladapter package results in unauthorized exfiltration of basic host information such as IP address and username. This may lead to privacy breaches or reconnaissance data leakage. No further exploitation or system compromise details are provided.
Mitigation Recommendations
No official patch or remediation is currently available. Users should avoid installing or importing the unreal-mladapter package from PyPI. Since this is a malicious package, removing it and scanning for any related artifacts is recommended. Monitor package sources carefully and prefer verified packages. Patch status is not yet confirmed — check the vendor advisory or PyPI security notices for updates.
MAL-2026-6736: Malicious code in unreal-mladapter (PyPI)
Description
The unreal-mladapter package on PyPI contains malicious code that exfiltrates basic information such as the host's IP address and username upon installation or import. The package overrides the install command in setup.py to execute this malicious behavior. It serves no legitimate purpose beyond this data exfiltration. The risk is considered limited due to the nature of the data collected and the context of the package.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The unreal-mladapter PyPI package is a malicious package that executes code during installation by overriding the setup.py install command. This code collects and exfiltrates basic system information including IP address and username. The package does not provide any legitimate functionality and is categorized as a probable pentest or low-harm malicious package. There is no evidence of further exploitation or advanced payloads beyond this data exfiltration.
Potential Impact
Installation or import of the unreal-mladapter package results in unauthorized exfiltration of basic host information such as IP address and username. This may lead to privacy breaches or reconnaissance data leakage. No further exploitation or system compromise details are provided.
Mitigation Recommendations
No official patch or remediation is currently available. Users should avoid installing or importing the unreal-mladapter package from PyPI. Since this is a malicious package, removing it and scanning for any related artifacts is recommended. Monitor package sources carefully and prefer verified packages. Patch status is not yet confirmed — check the vendor advisory or PyPI security notices for updates.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- MAL-2026-6736
- Osv Schema Version
- 1.7.4
- Aliases
- []
- Ecosystems
- ["PyPI"]
- Database Specific Severity
- null
- Cvss Version
- null
Threat ID: 6a46ecac27e9c7971943b843
Added to database: 07/02/2026, 22:56:44 UTC
Last enriched: 07/02/2026, 23:04:02 UTC
Last updated: 07/02/2026, 23:04:02 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.