Lucene search
K

34 matches found

OSSF Malicious Packages
OSSF Malicious Packages
‱added 2026/02/14 12:34 p.m.‱9 views

Malicious code in cubaflixdownload (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e301875480dd0a0265eef6c8d1a5b65ef85f1e2051d0e5491dcb4767c5f7b578 During importing, the code automatically starts a Telegram bot designed to download and save files locally upon a specific message in the channel. While this...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
‱added 2026/02/02 12:56 p.m.‱8 views

Malicious code in tableapy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7adeff5bc226723e8e3241a36596e3e99094553770deda5e89ac8caf7c0e0f01 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

5.8AI score
Exploits0References3
OSV
OSV
‱added 2026/02/02 12:56 p.m.‱17 views

MAL-2026-650 Malicious code in tableapy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7adeff5bc226723e8e3241a36596e3e99094553770deda5e89ac8caf7c0e0f01 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
‱added 2026/01/28 7:42 a.m.‱8 views

Malicious code in tabullates (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 499d47c3064299cb3d921b32ac9f22c2bab7b0b841b3de3a0cee3029625d5d26 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6.1AI score
Exploits0References3
Metasploit
Metasploit
‱added 2026/01/07 6:58 p.m.‱288 views

Python Site-Specific Hook Persistence

This module leverages Python's startup mechanism, where some files can be automically processed during the initialization of the Python interpreter. One of those files are startup hooks site-specific, dist-packages. If these files are present in site-specific or dist-packages directories, any lin...

5.8AI score
Exploits0
GithubExploit
GithubExploit
‱added 2025/12/13 3:49 p.m.‱144 views

MicrosoftAmplifierPoC

Microsoft Amplifier RCE PoC Proof of concept demonstrating re...

8.2AI score
Exploits0
OSV
OSV
‱added 2025/10/01 10:11 a.m.‱3 views

MAL-2025-47875 Malicious code in tikweb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 56e420aab6cf451bf10ab865d2950af02e45914f0a7618355f7ee8384ddcd858 This malicious package claims to interact with TikTok web features programmatically, but runs malicious obfuscated code upon import and via other...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
‱added 2025/09/22 2:12 a.m.‱5 views

Malicious code in vielcord (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4663c6d9af6fa1feac7fd1719e4ff1a729bc8297eec7ce927a13804d475d2c8b During the execution, the package silently download and runs a JAR not related to the package job. At the time of analysis, the content was corrupted ---...

6.9AI score
Exploits0References1
OSV
OSV
‱added 2025/09/22 2:12 a.m.‱6 views

MAL-2025-47510 Malicious code in vielcord (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4663c6d9af6fa1feac7fd1719e4ff1a729bc8297eec7ce927a13804d475d2c8b During the execution, the package silently download and runs a JAR not related to the package job. At the time of analysis, the content was corrupted ---...

6.8AI score
Exploits0References1
Snyk
Snyk
‱added 2025/08/01 2:7 p.m.‱3 views

Malicious Package

Overview loquru is a malicious package. This package contains a malicious code and uses "typosquatting" to bait unaware users to install it. The malicious loquru package pretends to be the popular loguru library. It hides malicious code within a string of whitespace, which is executed upon import...

9.8CVSS7.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
‱added 2025/02/23 4:50 a.m.‱4 views

Malicious code in gslack (npm)

This package runs commands on import that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 72940e36f27a988f3e03f79a6a0ce0cafc2e871808da0318087ed2657454ecf9 Any computer that has this package installed or running...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
‱added 2025/02/23 4:50 a.m.‱3 views

Malicious code in honeybook-marketing-gatsby (npm)

This package runs commands on import that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f6a761d9d52123cbe6038ec3bf99541c0d74203f7a450e8149baf18d9ed8fb6b Any computer that has this package installed or running...

7AI score
Exploits0References1
OSV
OSV
‱added 2024/11/29 6:14 p.m.‱4 views

MAL-2024-12230 Malicious code in catme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7b5df44af9cbed7b8a7112f36f9c99b466e9143b36d62fd43e4caf480df811d0 Importing the module starts executing a remote script, as well as leaves a persitance in the .bashrc --- Category: MALICIOUS - The campaign has clearly malicio...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
‱added 2024/11/05 8:15 a.m.‱6 views

Malicious code in bytekafka-0-0-15 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4619fa745296f46998d4eb4e25a7f4841bdd8634ead366c63521d25abf739a7e A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7.1AI score
Exploits0References1
Rows per page
Query Builder