MAL-2025-2927 Malicious code in 7-0 (PyPI)
MAL-2025-2592 Malicious code in blackspammerbd-tg (PyPI)
Source: oracle-using-macaron 899ac6c3d1b62da3553aab693790598d0e87f6530b57d335deaee2545a39eb9c This package seems to be part of a larger malicious toolkit designed for unauthorized access to systems, data theft, and potentially acting as a...
MAL-2025-3439 Malicious code in ccxt-mexc-futures (PyPI)
Source: kam193 f2eb5eb75679b536c430ad6d5440e63fbe1d1cd391ab1abf2a411dae3a768ed8 There is hidden code that overwrites the default method and downloads remote data, which contains a dictionary pretending to be the right value, and a hidd...
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
Cybersecurity researchers have discovered a malicious Python package on the Python Package Index (PyPI) repository that's equipped to steal a victim's Ethereum private keys by impersonating popular libraries. The package in question is set-utils, which has received 1,077 downloads to date. It's no...
GHSA-VR75-HJH9-7FR6 Duplicate Advisory: Remote Code Execution via Malicious Pickle File Bypassing Static Analysis
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-655q-fx9r-782v. This link is maintained to preserve external references. Original Description picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that use...
MAL-2025-1967 Malicious code in aurm-python-sdk (PyPI)
MAL-2025-2975 Malicious code in mirage-rce (PyPI)
Source: kam193 f9ba7e438828f3bcacd252bc54f00732b129fe6fc8f6a9909d964720ac1e6420 Setup.py contains a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-02-mirage-rce Reasons...
CVE-2025-1716
picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package hosted, for example, on pypi.org or GitHub via pip.main. Because pip is not a restricted global, the model, when scanned with picklesca...
CVE-2025-1716 picklescan - Security scanning bypass via 'pip main'
picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package hosted, for example, on pypi.org or GitHub via pip.main. Because pip is not a restricted global, the model, when scanned with picklesca...
MAL-2025-3475 Malicious code in timekeeper-verifier (PyPI)
Source: kam193 3a20fe9fed2445d097ddfd628d59e1b8149913aec4915c112cacfa9fb7cdfc6e This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
Malicious code in alicloud-client (PyPI)
Source: kam193 6366aa8c2eff918da0f1cc2118a026e749592f71bebbe81215877575b9593c6a This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-3006 Malicious code in tcloud-python-test (PyPI)
Source: kam193 221affa8a84428ae21f288ce299d114742d269e7bbcbf223a0aa666327fae2c4 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
MAL-2025-2947 Malicious code in coinanalyze (PyPI)
Source: kam193 f7faa2aef0e6f2b325d841b405418465db3f0dd601519861d70df45bb4d7adb5 Package contains obfuscated code that exfiltrates basic data and awaits commands from the remote server to execute. This is a malicious copy of...
MAL-2025-3004 Malicious code in systoring (PyPI)
Source: kam193 5be790277882f23120bae2ed3979650349878074f8d3d10f869d726fa106160f Infostealer with multiple possibilities, but not auto-activating on installation. There are already multiple attempts to publish it, with different...
CVE-2024-26151
The mjml PyPI package, found at the FelixSchwarz/mjml-python GitHub repo, is an unofficial Python port of MJML, a markup language created by Mailjet. All users of FelixSchwarz/mjml-python who insert untrusted data into mjml templates are affected unless that data is checked in a very strict manner. User input...
Malicious code in sajadninja-sajad (PyPI)
MAL-2025-978 Malicious code in sajadnewninja (PyPI)
MAL-2025-957 Malicious code in pyethereum2345 (PyPI)
Malicious code in reque (PyPI)
Source: kam193 8ce48406d7fce137de7e9a500179d7d6fcc5857714587372c977c5d6793cad30 Clone of the requests package with the code modified to send all GET and POST requests to a hardcoded URL --- Category: MALICIOUS - The campaign has clearly...