361 matches found
Malicious code in huggingfaces-hub (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 030324e12766820002cc282dbac28f60bb0f2fc82d459e96c82f073a14e75592 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-11634 Malicious code in midi-melody-extractions (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8cf5fe50a15b36c41406e9d04f254b0acae240897b5ad49b1165228613cb036a A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-11638 Malicious code in monolit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4b004b665ba91ff3119a753e0b37cdce906d100aff101c2f536720bdd74fa027 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in importlib-resource (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0fd6066b0541bd12a7a24cd00cf0cebdc0d82832ae6ead0c90db2589bf50e152 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in byted-flex (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f7c46f02d189ba471aba10b985193a2e0476f4f7f9f6e068ddf3fe79c2088ea1 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-11612 Malicious code in image-dream (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5dc5a040f22951aa7352846d3518445c278d2c8aab44dcdf8435fd063e079957 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in compressi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ade0c38afdca5e7d87d6c3ecf059ed4a65e27587be0bff2287cbf4aa3474b536 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-11594 Malicious code in ferminet-with-ecp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ee00c3ebd9a9dd393b6184c63072d81baa2ae968a831319453996dcf03d47999 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in midi-melody-extractions (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8cf5fe50a15b36c41406e9d04f254b0acae240897b5ad49b1165228613cb036a A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in bytepilot (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c0d90c01bceedad5b420353d56d8b0d29f6571169ab91d9cda129f242e66c40b A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in tktoken (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 00d11ef99393eeb8899b4ce0fdcfc051f28305fbbe851e064eb984b21bb7c42e A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in bytesap (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4eec30f2d541d35548fef109eb76c972e92203c749f615aa08f976fb9b0c2a03 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-11662 Malicious code in pplgdfhuighsdfyisfdty2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b38f6d0da39d944ddde3bda8742a42099398148ad778fb06fe57e6a3274ea2e8 Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...
MAL-2024-11663 Malicious code in pplgdfhuighsdfyisfgfd (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1b4e49a8011af86af7ac1b8cf4760295ddcf33d4b354139db3d92192e813dcc9 Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...
Malicious code in j5gnpfweguiwerbngpiutbgn0iutb0pfwef (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f32453dbd5b2857fbf4766d0c1573b109be79c0013d276ecdfce38105c4580f9 According to the description, packages should demonstrate the dependency confusion attack. The realisation is, in fact, a spamming with packages having as the...
MAL-2024-11618 Malicious code in j5gnpfweguiwerbngpiutbgn0iutb0pfwfef (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 41b992b1717ae4c37710bfcb4b86d013ca8f3eb95dc9e06f47bdd813010db976 According to the description, packages should demonstrate the dependency confusion attack. The realisation is, in fact, a spamming with packages having as the...
Malicious code in cipherbcryptor (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in artifact-lab-3-package-e90915e1 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious Package
Overview browser-cookies3 is a malicious package. This package contains a malicious code and uses "typosquatting" to bait unaware users to install it. Remediation Avoid using all malicious instances of the browser-cookies3 package. References - Security Blog Credit: Kirill Boychenko...
Malicious code in fake-usreagant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ef713dc551a4b2eb9b0c94b270f4c214aa90e688076e15bb263b3bb5f3b8484b Package imitates the legitimate fake-useragent, however it has a few suspicious additions: fake.py L149 calls a function from 'urllib2' module, which contains ...