2998 matches found
MAL-2026-6929 Malicious code in paysafe-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ae864f77805fa7e1facccf45d1af67d37603c5a085f55d733d9d3eb8cf4d26c8 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
Malicious code in paysafe-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ae864f77805fa7e1facccf45d1af67d37603c5a085f55d733d9d3eb8cf4d26c8 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
MAL-2026-6928 Malicious code in paysafe-payments (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cc8e13806589e7fbb3dbe284624b88d6de8c030f32c04c20f8c76af059f33515 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
Malicious code in paysafe-payments (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cc8e13806589e7fbb3dbe284624b88d6de8c030f32c04c20f8c76af059f33515 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
Malicious code in paysafe-kyc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7089650efc5360b819e8831801bcedf6489945f5b563729e99f036461bd59092 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
MAL-2026-6927 Malicious code in paysafe-kyc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7089650efc5360b819e8831801bcedf6489945f5b563729e99f036461bd59092 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
MAL-2026-6926 Malicious code in paysafe-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 caf46df1f47845e37bbc00d4e8f160dcf057b67aee189c7e7919f32d662f2915 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
Malicious code in paysafe-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 caf46df1f47845e37bbc00d4e8f160dcf057b67aee189c7e7919f32d662f2915 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
Malicious code in ipa-user-collector (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2df148f70b40274f48d5bc4d8ea5a97bb434a743cf7a5c1b271a5a5cd7fa3907 During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...
MAL-2026-6749 Malicious code in ipa-user-collector (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2df148f70b40274f48d5bc4d8ea5a97bb434a743cf7a5c1b271a5a5cd7fa3907 During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...
Malicious code in haproxy-config-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f70d07844bca4fadfcedb195f5768c8a95318af4d62a4bcec94556b99b72c4ad During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...
MAL-2026-6748 Malicious code in haproxy-config-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f70d07844bca4fadfcedb195f5768c8a95318af4d62a4bcec94556b99b72c4ad During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...
Malicious code in cursed-modules (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b6aab954f9b8edbc759c97eabe39d7a070c4dbe852586422761ad0f8c7ad95 [email protected] executes attacker-controlled code on three separate triggers and operates a bidirectional command channel against a hardcoded...
MAL-2026-6572 Malicious code in rebrandly-domains-digger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d1744d2a299b9ef0526f49b4b2297fcd6c72581c51a3359801db56318d8cfda The package declares a preinstall hook that runs node callback.js. On npm install, callback.js collects installer-side identifiers — os.hostname,...
MAL-2026-6573 Malicious code in rebrandly-domains-search-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d4464320c8530d582d35f85ce95045182d82e1dd63a830644bcb68f05bdf10e Package [email protected] is an empty module index.js exports an empty object whose package.json preinstall hook runs node...
Malicious code in skillspector (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c77584b4e40db9023ca0b8a90fa1bd611c859ed486f99ca3a7c9a83dbfa9877 This package presents itself as a redistribution of NVIDIA/skillspector pyproject Homepage points to github.com/NVIDIA/skillspector and the source...
MAL-2026-6561 Malicious code in skillspector (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c77584b4e40db9023ca0b8a90fa1bd611c859ed486f99ca3a7c9a83dbfa9877 This package presents itself as a redistribution of NVIDIA/skillspector pyproject Homepage points to github.com/NVIDIA/skillspector and the source...
Malicious code in pkg-fallback (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f4ccaa9f059318782cd3b811f5bd6ea926e267e4b05dc4971d6acc6687d5d4f setup.py performs an unconditional urllib.request.urlopen at install time to a hardcoded plaintext bare-IP endpoint...
MAL-2026-6557 Malicious code in pkg-fallback (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f4ccaa9f059318782cd3b811f5bd6ea926e267e4b05dc4971d6acc6687d5d4f setup.py performs an unconditional urllib.request.urlopen at install time to a hardcoded plaintext bare-IP endpoint...
CVE-2026-54232
A flaw was found in vLLM, an inference and serving engine for large language models LLMs. This vulnerability, a dependency confusion attack, allows a remote attacker to execute arbitrary code with root privileges during the Docker build process. By exploiting this, an attacker can compromise the...