Malicious PyPI Package Steals Data via Trojanized AI Proxy

Malicious PyPI Package Steals Data via Trojanized AI Proxy

First seen 7 Apr 2026, 00:58 UTC GbhackersCybersecuritynewsScworld 88% similarity 61.5

Article Content

Browse articles
ThreatCluster

A malicious Python package named hermes-px has been identified on the Python Package Index (PyPI), disguised as a 'Secure AI Inference Proxy.' This package is designed to route AI requests through the Tor network, falsely claiming to protect user anonymity. However, it hijacks a private university's internal AI endpoint in Tunisia and exfiltrates sensitive user prompts, including a stolen prompt from Anthropic's Claude AI system. The attack method involves the covert collection of data while users believe they are using a secure service. The full scope of the impact is still being assessed, but the incident raises significant concerns about the security of third-party packages in the Python ecosystem. As of now, there are no reported patches or mitigation strategies available for this specific threat.

Key Points: • The hermes-px package on PyPI masquerades as a secure AI tool but steals user data. • It hijacks a Tunisian university's AI endpoint and exfiltrates sensitive prompts. • No patches or mitigation strategies have been reported for this malicious package.

ThreatCluster AI

Timeline

2026-04-06
Discovery of the hermes-px malicious package on PyPI
2026-04-06
Reports published detailing the data exfiltration method
Date unknown
Scope of impact still being assessed

Community

Browse all →