MAL-2026-5167 Malicious code in jules-test-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 30c3ca1fa1b7237661d28aada477f7316b7e696a55e2c92c4dee200f291140f4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2501 Malicious code in databaselooks (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dd73d73ace43286d9d97ccebb1f758b52cfd114774b862c5b568a7d1151d0112 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in databaseroboats (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 758a06f15ef5917ecf964bae5fa46f084b028b69c8dd133acb90da972f6a6f09 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2026 Malicious code in pipinpeace-env (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b76166abb6c7173f1cc74e41509f4ded1be2de5cea682016e00001e4e23b75a9 Package is designed to exfiltrate env variables during installation. However, it requires providing a URL as an installation parameter, which suggests it's mor...

MAL-2026-1987 Malicious code in composer-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7be3393e5cd932abe1668adaa58f526e25b1a6ab2ef4945eadeb60e68493c7ef Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in dataflux-pytorch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 486e56ad4de2a59b9c8890d854505075b556ca6920be97f850a14c7d648f7f3b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in makenotion-ppetest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8a77a3e2f70388147c71ce781715204b49848f8a88c362506e14ecfbdff51208 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in osopackagepy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 999886fcc5bada14ab742719f34eef0d929a1319b6011060b7e13e1598c292f0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2024-12350 Malicious code in springboot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 16d85bf1869194ac1171299e8e0d4e04cbe415bdde4f6eb08730c6018f8958bc Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...