364 matches found
MAL-2025-978 Malicious code in sajadnewninja (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-957 Malicious code in pyethereum2345 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in reque (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8ce48406d7fce137de7e9a500179d7d6fcc5857714587372c977c5d6793cad30 Clone of the requests package that modified the code to send all get and post requests to a hardcoded URL --- Category: MALICIOUS - The campaign has clearly...
MAL-2025-1982 Malicious code in mlc-ai-nightly-rocm62 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d19b7d0a36e093c723972a96552235036df64fd3c5e2ba6bb85d979a4c65c00d Installing the package exfiltrates information about the host, including environmental variables. --- Category: MALICIOUS - The campaign has clearly malicious...
MAL-2025-49 Malicious code in ilovenyxxbait (PyPI)
The package acts as an infostealer, exfiltrating sensitive files and credentials from browser databases via Telegram...
MAL-2025-942 Malicious code in langer-updater (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1d2e888da57bf1c53e73ed2092516a44aaf46e4876619d129b7e3e4966dfc71e During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...
MAL-2025-961 Malicious code in python-bitget-connect (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1797b7fdf9859888b5495817784ead0bdc01e6acad5ae410af1e1df89acbded6 Importing the module starts an obfuscated PowerShell code, which downloads and executes a remote script. On Windows, the script appears to just start the...
Malicious code in testlibrary128982 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11720 Malicious code in test-hwp-uwp (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11690 Malicious code in requests99999999 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11688 Malicious code in replication-delay-client111 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11666 Malicious code in py-colorprinting (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11589 Malicious code in fake-usragent (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11554 Malicious code in ccl-localstoragerss (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11516 Malicious code in afritonpy (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11513 Malicious code in afrit-name (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11512 Malicious code in 48484efej8id (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-934 Malicious code in huggingleg2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 19ba00b8fab08e8016af3bfb4ba9fbb18510b2aa823dfb82a46a5b3ecd477655 Installing the package starts a revshell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2024-12-huggingleg2...
MAL-2024-12309 Malicious code in my-service-manager (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 58c8e4c726cef11c6d7d60916210f532060a6ff7a98bb7fea5872eb10335dd5d While the package appears to be a manager for Windows service, the linked executable is an infostealer with capabilities like cookie stealing ang keylogger. Th...
MAL-2025-900 Malicious code in apache-airflow-providers-edge (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9db9c9532f0405358d9eba42b9f1e7702f9d5f1878e60e1d6e0d94f7154368b The package looks like a beginning for a further work. In fact, the uploader has shortly published a few similar packages appearing to be e.g. an integration f...