Lucene search
K

10 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in metemask-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a99855c93b46f7b996a005065c319bbb24c9d1f497d05dfd38fc83d1b21facdd metemask-sdk is a typosquat of the legitimate metamask-sdk package. On import, the top-level init.py performs an outbound HTTP fetch to...

6.3AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 12:0 p.m.11 views

Malicious code in @tinyfox/shapecheck (npm)

@tinyfox/shapecheck malicious version 0.8.7, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

5.9AI score
Exploits0References7
OSV
OSV
added 2026/06/15 9:52 p.m.7 views

MAL-2026-5841 Malicious code in twrap-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 174cba09d5ec9724bd55871c7f74c27ff8592bf55c06464204e0591667377259 twraptoolkit/init.py defines getpayload which issues a plaintext HTTP request to http://194.5.152.9:8080/hacks/textwrap-toolkit/textwraptoolkit/init....

6.6AI score
Exploits0References2
OSV
OSV
added 2026/05/26 4:36 a.m.11 views

MAL-2026-4357 Malicious code in helu (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 15a97c1f0e23d838c86d69a3ceae306071a9b4b8c17162a1f563aefe489ffbe4 During import, the hidden code downloads and executes the second-stage code. After performing anti-analysis checks, it downloads a malicious executable and...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/05/14 4:53 p.m.11 views

MAL-2026-3741 Malicious code in pyexecutorsme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 326ad16be9056f6cbd75fa4f9a47dec8c3613b56aa53d3e5d439efeef7c6fcad Package attempts to download and execute a script acting as remote access trojan. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/28 8:25 a.m.8 views

Malicious code in coloreasyprint (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d52af876a91a6ff5ff8144b705201fd465db94ad89f0e1b37bd22fe6ca0f5622 During import, the code downloads and executes encrypted payload from remote location. During analysis, remote code was prepared to download the next stage...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/16 1:34 a.m.5 views

MAL-2026-2908 Malicious code in pretty-logger-js (npm)

pretty-logger-js is a malicious npm package that when imported downloads and executes a C2 dropper from https://www.jsonkeeper.com/b/OTOAQ. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e46da449e6d21efcef5e9975a2f8e90c31369882800ed4c560ae47ade99b53 The packa...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/02 9:8 a.m.5 views

MAL-2026-649 Malicious code in callapirequests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6e7fadeb48347b57805dea2f58d0f662e43170e0e4439a424f6dec66cf285452 Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.4AI score
Exploits0References2
OSV
OSV
added 2026/02/02 6:52 a.m.5 views

MAL-2026-640 Malicious code in connections-api-request (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cbd9a8004eda10de0059f97712efe95c76e4302c5da5ff83e7fe3bdd3abd381b Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/02 5:21 p.m.9 views

Malicious code in pdatainstaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 671a0098c14338197a26cb64b7f5c35c0e741f3151313fff784bc7a4862ad579 Package is designed to download and execute a remote script, but the script itself seems to be broken missing or wrong URLs. It's most probably a test before...

7.2AI score
Exploits0References2
Rows per page
Query Builder