53 matches found
Malicious code in paysafe-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12ef2b75345902c9fe851d85e09c4b6680a3685669ab4dcd8b827ebaebb46626 Package metadata claims to be the 'Official Paysafe SDK for Python' by 'Paysafe Developer Team', but the shipped module is a stealer disguised as a...
Malicious code in paysafe-payments (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e2b7f287703755dab866acf1047a148e321d06a84353238936eaba58b6e7fda Package impersonates the Paysafe payments SDK metadata claims 'Paysafe Developer Team', 'Paysafe Payments processing library' but its advertised...
Malicious code in paysafe-kyc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c619e500f8070a5525694f42547c0b73e8189965f8816f1a124190f50bed6f5 The paysafe-kyc package impersonates a legitimate Paysafe KYC/payments SDK author string 'Paysafe Developer Team', base URL https://api.paysafe.com,...
MINI-W6XQ-P3Q3-46X3
Bulletin has no description...
MAL-2026-4820 Malicious code in datapipe-util (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 74a9da1afe75ec2379c4bade6ac5145c920900e1a1e1173d59b9003061e3fb0f The package intentionally uses the malicious binproto package deploying the malware. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in binproto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 72de81f36a15d75d302ca94b378c3e5025b6d0cb2d24360d06527130ed053ebd When using the provided functionality, the code silently downloads and executes a malicious executable. --- Category: MALICIOUS - The campaign has clearly...
MAL-2026-3364 Malicious code in quicklytookerv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eeb02e3ddf9f61661d72bac1e244227aa8b6a8a88ab1226a521cc7aa48d5da37 The package silently exfiltrates screenshots and basic data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2026-3324 Malicious code in randomchoicemas (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0dc4c38310ad4ec9a939abd09fa48fce4f2f2e91e02389d59f3fefc30eda4c2c The package silently exfiltrates screenshots and basic data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in py-clob-clients (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7136140b365c314a42f5efe300779f093c40a41fb5c2258c7f5ff05c88eba2f8 Package exfiltrates env variables from .env files. It's a typosquatting of a legitimate package and is used in a malicious GitHub repository --- Category:...
Malicious code in stringhelp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 614fb208fe0dce0e336281a07696b97a699937b1cb5d6167e6d126e8693b7ae6 The package exfiltrates Discord tokens to a hardcoded location. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaig...
MAL-2026-2854 Malicious code in stringhelp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 614fb208fe0dce0e336281a07696b97a699937b1cb5d6167e6d126e8693b7ae6 The package exfiltrates Discord tokens to a hardcoded location. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaig...
MAL-2026-2666 Malicious code in moooo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 110e4d99f41d1dd4567651dc21115f1793e5e2eab0e12d24ea5a433cdea87f1c When used, the package silently loads code with an infostealer focused on Discord data. --- Category: MALICIOUS - The campaign has clearly malicious intent, li...
Malicious code in apachelicense (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d96d45a87e117e72107d6d6dfbe8c4e94323323bc28ce9accd8ccba39a0a46c Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...
Malicious code in license-utils-kit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eb0116c55754c947c819c966f213a99864511536a414619cf3154b89be59f9e8 Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...
Malicious code in project47 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a3f77d5ebfcf087b4f055d7ce552ee0165eadf99d8cc6dcd0f3c767393099d27 Facebook hacking tool that also forces the user to follow specific accounts --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-1412 Malicious code in project47 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a3f77d5ebfcf087b4f055d7ce552ee0165eadf99d8cc6dcd0f3c767393099d27 Facebook hacking tool that also forces the user to follow specific accounts --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-1089 Malicious code in randomstringgen (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9fc95ea566ad1938f7f75123eee2d8b3365bf55f06d7aa8a5f569f5e4c696132 Using the provided function results in exfiltrating the current running file likely the user's script to the hardcoded location. --- Category: MALICIOUS - The...
Malicious code in flycord (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b2071af47a4b327550f5614253b291b893e0741e6f2ebe3b4378a4794696d211 When the user uses the provided library, this package silently reports basic information and the result of the user's action to a hardcoded, obfuscated URL...
MAL-2026-936 Malicious code in questpro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 be333f6f44c50eba4d7a7c11754e048bdc2ed092ae58cee1e88cb24225d4d151 When using the package, user's Discord tokens are silently exfiltrated. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in questpro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 be333f6f44c50eba4d7a7c11754e048bdc2ed092ae58cee1e88cb24225d4d151 When using the package, user's Discord tokens are silently exfiltrated. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...