29533 matches found
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per...
MAL-2026-5323 Malicious code in ppkt2synergy (PyPI)
The package ppkt2synergy version 0.1.1 contains a malicious .pth file ppkt2synergy-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an...
Malicious code in mem8 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d2fc000f15b66037b67d503cef346f32d400b0cc704417b28ff6c559c9924d8f Versions 6.0.1 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...
Malicious code in cmd2func (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c56f23d1c59dd91728afaa8ae022f711a719574aeeabc0e2eee8f5d93dd30d21 Versions 0.2.2, 0.2.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5294 Malicious code in magique-ai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6806267ad399a4b51411f5176e26470cccb7803dff5f0f6f1e3dca6e6c82170c Versions 0.4.4, 0.4.5 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5322 Malicious code in phenopacket-store-toolkit (PyPI)
The package phenopacket-store-toolkit version 0.1.7 contains a malicious .pth file phenopacketstoretoolkit-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release...
Malicious code in bramin (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5933ebb330070d47683cbb0b04b4a8805db94d845d0efde3a592e178a0092769 Versions 0.0.2, 0.0.3, 0.0.4 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code...
Malicious code in instructor-mcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d22e882ab0d869a60fcff314b04f0534f3622d7719ed3a9101d55bb6c81dcbc9 Versions 1.15.2, 1.15.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code execute...
MAL-2026-5301 Malicious code in mflux-streamlit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 27ef4c7f33e59dbe037d4b212286dd08cb7b1824c28c0032eb2d91db7a2b0174 Versions 0.0.3, 0.0.4 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in executor-engine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 445bbd05ea0ef3e22608235bea18f26fc18aaaff2066b5512c9752ba04a6ab13 Versions 0.3.4, 0.3.5 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in nucbox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e98ac1a9b5840905b608a09e8e66c73b750c0baa17d6b7789adfc94a8fd815e4 Versions 0.1.2, 0.1.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in pantheon-agents (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 57f0e964aed446fe82998f13d1cbc577bff274378d980b551e4c134d093ab016 Versions 0.6.1, 0.6.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5285 Malicious code in ufish (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 27371fa53e0e8e5e763b18b9bcadfd9b6991c720dd154d17bffeab0e7a139ef4 Versions 0.1.2, 0.1.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5278 Malicious code in spateo-release (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 21400e8510d0663de6c3a4454fe99d9200cb83ae8d1ecdc137c99f3668da4293 Versions 1.1.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...
MAL-2026-5298 Malicious code in executor-engine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 445bbd05ea0ef3e22608235bea18f26fc18aaaff2066b5512c9752ba04a6ab13 Versions 0.3.4, 0.3.5 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5300 Malicious code in funcdesc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c6f85c691f141dc4c962171ac49945286bb40e15cb8450d2f42d048a3f53bb22 Versions 0.2.2, 0.2.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in pyphetools (PyPI)
The package pyphetools version 0.9.120 contains a malicious .pth file pyphetools-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscate...
Malicious code in funcdesc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c6f85c691f141dc4c962171ac49945286bb40e15cb8450d2f42d048a3f53bb22 Versions 0.2.2, 0.2.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in synago (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bee487bb185457ca9e9d74e0963e23be3e84241a6bcd7d0bd5ca44855dd7d28b Versions 0.1.1, 0.1.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in mflux-streamlit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 27ef4c7f33e59dbe037d4b212286dd08cb7b1824c28c0032eb2d91db7a2b0174 Versions 0.0.3, 0.0.4 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...