PkgRadar

PyPI · pypi.org

ansible-security-scanner

Clipboard Crypto Steal: clipboard access library paired with cryptocurrency seed/key patterns

Why PkgRadar flagged 0.1.25

SeveritySignalEvidence
highClipboard Crypto Stealclipboard access library paired with cryptocurrency seed/key patterns · ansible_security_scanner-0.1.25/src/ansible_security_scanner/file_scanner.py
highDNS / OAST exfiltrationmatched "burpcollaborator.net" · ansible_security_scanner-0.1.25/src/ansible_security_scanner/patterns/malicious_activity.yml

Scanned versions

VersionVerdictScoreScanned (UTC)
0.1.25High risk1412026-06-09
0.1.24High risk962026-06-08
0.1.23High risk902026-06-08
0.1.22High risk902026-06-08
0.1.21High risk902026-06-05
0.1.20High risk902026-06-05
0.1.19High risk902026-06-04
0.1.18High risk902026-05-30
0.1.17High risk902026-05-30
0.1.16High risk902026-05-30

Campaign attribution

Part of the Bittensor clipboard stealer campaign.

Block this in CI

PkgRadar gates ansible-security-scanner (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi ansible-security-scanner==0.1.25
Start free — 25 scans / moView full evidence