MAL-2024-9952 Malicious code in browser-cookies3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ac253e47b0fa143074f6239c3c84b3ecd3521d37f71c4f92937f53cafc5067b5 Package contains a compiled infostealer that is started instead of promised functionality --- Category: MALICIOUS - The campaign has clearly malicious intent,...

MAL-2024-9967 Malicious code in dirutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c67eead763edc5b56dadc5bfcec545f8799586732b861a6e661050d1165bc7e8 Package contains a compiled infostealer that is started instead of promised functionality --- Category: MALICIOUS - The campaign has clearly malicious intent,...

MAL-2024-9951 Malicious code in browser-cookies1 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cabd14fc21e5314fd1778bac4e49f0cb8a145e773e147666070d85aa60e422c Package contains a compiled infostealer that is started instead of promised functionality --- Category: MALICIOUS - The campaign has clearly malicious intent,...

Malicious code in youreallydontwantthispackage2132 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 594e65e2115609e28b51abcb8b97695199a1eda6a4b72b2513bef87f5a74a211 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

MAL-2024-11608 Malicious code in http-query (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f19b11d590534cc47f47b9fc60fae3affd054b1f5dc720dbbc17147cc7095653 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

MAL-2024-10034 Malicious code in hello-world-package-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8ee148c559a9993ef0660c9183434ff59d2f6430a126a5913ef9a8341b9014ff Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

MAL-2025-6510 Malicious code in glob-to-regexp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ce8e1c3de8370811f29db098c2ca6d1fbd027017b5e29a9b540a3dbe8f58c704 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

MAL-2024-11248 Malicious code in gwinpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fdd3f3646435d9d7857a19999ffa38cdb99c04b4aa62177b1df6f2710b5412b3 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

MAL-2025-6460 Malicious code in babel-preset-current-node-syntax (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 227436e7c8f26da0ff88db12bd9102d85f9f596cf495b6e9192c634d275a5686 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

MAL-2024-10046 Malicious code in mlc-llm-nightly (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bdf6d47b319cb60e32a6f2942beaa54bfe6ccc01bb72a8337f062746d49ace38 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

New Supply Chain Attack “Revival Hijack” Risks Massive PyPI Takeovers

JFrog's cybersecurity researchers have identified a new PyPI attack technique called "Revival Hijack," which exploits package deletion policies. Over 22,000 packages are at risk, potentially impacting thousands of users. Stay informed!...

MAL-2024-10047 Malicious code in modeflow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9499d9dbc7c99f3ef3720a91b51ebfe6e0eac051ca6110233f16a61c762c2b8d Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...

MAL-2024-11639 Malicious code in mumupatcher (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c629884f1972a86de285e5eda36f8ec8358c1b40d22922ad309a11174af5fca4 Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...

MAL-2024-11640 Malicious code in mumuplayer12 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f5e7ec41057042474a89cfaa47532d1f790110bc7ac08533ff4dbeea9ee91899 Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...

MAL-2024-10159 Malicious code in rolib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b16e729f1b088aa209bed8297f772d9b51eccf7c434e2a3b8aa3ff43f17f565e Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...

MAL-2024-11626 Malicious code in lowui (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c4ff92d988d3a1a5ad5fcec02556f08824926948c8d12fc1dba370a99b5e4b70 Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...

MAL-2024-11676 Malicious code in pysleek (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ebcd258899197196fca41e03c7a6781f5087b42fd37c0276ae9a892bef8d4910 Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...

MAL-2024-11604 Malicious code in hahahasillyxd (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f43efeb00e7f4fc1fd008a187b98b8c8fee1cf25f30ee8723ce1080b5fa6a323 Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...

MAL-2024-9943 Malicious code in artindex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3f19c3c0f0a7d0edd2a53f7c3879706561e0e7d4596b11e9eebbb1d896e90a46 Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...

MAL-2024-10180 Malicious code in uidesign (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f633bab69254c5eace9c9462c082253c39940828ec31ef84f44b8fce8cba04e6 Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...