10273 matches found
Leaked GitHub Python Token
Heres a disaster that didnt happen: Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker container hosted on Docker Hub, which granted elevated access to the GitHub repositories of the Python language, Python Package Index PyPI, and the Python...
MAL-2024-10039 Malicious code in kongstrong (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6bc1ea7b99d0e9a3368a66084641ad782b9070c75c5ad2b67026cdd569ae344d --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2024-07-strongkong Reasons based on the campaign: - Downloads...
MAL-2024-10168 Malicious code in strongkong (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c6f4a55369b1ed2f46bdac2bc627a89816b7fafe22306d285b9d2f2d5cf120b7 --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2024-07-strongkong Reasons based on the campaign: - Downloads...
MAL-2024-10166 Malicious code in solgpt (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 24d27fe26b09bfe97b729a4d8a1a7b4e6f74cd69c17e0fa017eb07bccd3b5653 --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2024-07-solgpt-exe-zip-miner Reasons based on the campaign: -...
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
Cybersecurity researchers have discovered a malicious package on the Python Package Index PyPI repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "lr-utils-lib," attracted a total of 59 downloads...
MAL-2024-12187 Malicious code in adafruit-display-text (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e23c09627673ad313852ef48f846b3ddd5a27a8eb53f0be5ce034a88f45c1a93 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-2981 Malicious code in opengrep (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8de001a262d51e9750f84bfa2f6d30f5798aca9d0614b5feb95215ed1ced0507 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-4210 Malicious code in chosenrce18 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 254a6f89fa4e8c08d6ac8622c13f3aa2e4213b57587fa14db03b51e32e406f96 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-4223 Malicious code in mcp-xyz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4d411df043997ef0429e5915d45bcddf0e361d525c4f471e32c861e9a3553fd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-4257 Malicious code in vfsrcetest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7df901b4edfbd807ba2046d52cb63fb5c952df8c0bb464d1faff3f3732680ffc Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-6428 Malicious code in 0x000testqwe (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c1f4407cfafbdc3391f55d6b0c6c7344e0e87cfc42f7eb6dfdd9239a82433b7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-6584 Malicious code in shiva123456 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8dca9366a1d6999b03cd12a09de5dd5a5f7b65201bc392856f8494aaea4d225f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-10032 Malicious code in graphcore-cloud-tools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ac46cb60f0875363e708276c64f0c8fa73c50f57eed28170f94437a5954f89fd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-11520 Malicious code in akh-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9e1af18204b91fa245349f10eea1049681afa1d91cb4dd21a81b7789a29a9333 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in layoutspecs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8e98f53933a358e241d85c8222bb5093b52de69083969fc55de49b5ecc023050 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-4256 Malicious code in vfsrce18 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e469759fd14d2b1207e5da1f724c19e6dc6b2896feaf658ad78c4ad33e3748de Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-4213 Malicious code in ctftestsowwy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d6e53c512e63c328ecdc02187c5fe11c5b379e6bf451f936f769219c1787d146 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-914 Malicious code in dependency133434fr43437 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9cc68a9f63c26e040592558af43d4f7ef6369cbf6623c8f2558fc490acfabb73 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-5100 Malicious code in c8tks94kspjghtb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9182e332ef5bf851522bb14086c5159f1c606fb90094722f856c87f36e382da7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-955 Malicious code in private-test-4 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4dd4ce4306e9d9704fdbbf2b63e86ca01614fee5f263dbb208c79986a14c334 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...