Which versions of requtils are malicious?

The following PyPI versions of requtils are flagged malicious: 1.0.0, 1.0.1, 1.0.2. Treat any of these as compromised.

How do I remediate requtils if I installed it?

requtils is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.

I already installed requtils — how do I know if it already compromised me?

If requtils was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.

Is requtils part of a known attack campaign?

Yes — requtils is associated with the 2025-11-requtils, RLMA-2025-06587, RLUA-2026-00717 campaign. Packages in the same campaign often share infrastructure and payloads, so check whether any related packages are also in your dependency tree.

How do I find requtils across my projects, lockfiles, and CI pipelines?

Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for requtils (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging requtils across your stack and pipelines.

Malicious package

requtilsPyPI

Malicious code in requtils (PyPI) Remove it immediately and rotate any exposed credentials.

MAL-2025-191857

Immediate action

Remove the package, then rotate any secrets the build/runtime could reach.

pip uninstall requtils

What this malware does

Package attempts to automatically exfiltrate API keys

Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers.

Campaign: 2025-11-requtils

Reasons (based on the campaign):

exfiltration-credentials

Malicious versions

3 flagged

1.0.01.0.11.0.2

Indicators of compromise (SHA-256)

fe6a750c7905b4055bb50dd510881095279e4d4b8516d24f6be8366b4030d9cb

58a7ebfdccf4fd67fac4e6a3c3183918f4682e004468286a5675622ae6fc35c5

b59fcdda302a7ab5ee48d61ff27e907a0116b426f930ab8910a455ed611833f0

30f58750066fe3e80b742e5df55e3efffc40d36545e31f97d137b60ee31cf3f2

87815bb56ad05ee04b068c4b387e2b6e540bee2546c20cdc124e9b2601397835

Detection & response playbook

Credential / info stealer

Find it
Scan your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock, requirements.txt, poetry.lock, etc.) and build artifacts for requtils (3 malicious versions). O3 Security's supply-chain scanner checks every dependency against known-malicious package intelligence at install time and in CI, flagging requtils across your stack and pipelines.
If you installed it — respond
requtils is built to steal secrets, so assume every credential the build or runtime could read is compromised. Remove it from your project and lockfile, then rotate ALL exposed secrets — npm/registry tokens, cloud keys, CI/CD secrets, SSH keys, and any .env values — from a known-clean machine. Audit logs for unauthorized use of those credentials.
Did it already run?
If requtils was ever installed, its post-install/runtime payload may have already executed. O3's L7 egress monitoring and runtime eBPF sensors detect the credential exfiltration or command-and-control callback after install and block the malicious outbound channel, so you catch and contain the actual compromise — not just the presence of the package.
How O3 protects you
O3 blocks requtils before install through its supply-chain scanner, and if it has already run, detects and severs the exfiltration or C2 callback at runtime through L7 egress monitoring and eBPF.

Frequently asked questions

No. requtils on PyPI has been identified as a malicious package (versions 1.0.0, 1.0.1, 1.0.2 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

2025-11-requtilsRLMA-2025-06587RLUA-2026-00717

References

bad-packages.kam193.eu

Credits

Kamil Mańkowski (kam193)
ReversingLabs · finder

Detect & block this

O3 blocks requtils-class packages before install and in CI — and if it already ran, its runtime egress monitoring catches the credential exfiltration and severs the channel.

Malware detection Runtime egress monitoring