10285 matches found
MAL-2023-8355 Malicious code in alisdkcore (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 456242a426a17eeaca869a5f00ee2f02d837dec5bba7da9240b6bec77c0ae8a8 Attack targeted at users of Alibaba, AWS and Telegram via malicious packages published to PyPI. The malicious code was hidden in strategic...
MAL-2023-8310 Malicious code in cephlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f82a5ba62b790856947d686397170162bf743b168fd9d66008ed6501b465d5af The OpenSSF Package Analysis project identified 'cephlib' @ 0.0.2 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-8309 Malicious code in xmlbuilder3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c5ccc40a08ace658e1c2bb67a692e4a04f1c6c826a6cfbf7c2bec41d0f54c540 The OpenSSF Package Analysis project identified 'xmlbuilder3' @ 0.0.2 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-8308 Malicious code in nnabla-ext-cuda101-nccl2-ubuntu16 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 70047d0a5eb542220386cc3c3f7f8bd4bee3faa63ce2124f363abcc1503be3df The OpenSSF Package Analysis project identified 'nnabla-ext-cuda101-nccl2-ubuntu16' @ 0.0.2 pypi as malicious. It is considered malicious becaus...
MAL-2023-8307 Malicious code in narratives-from-tweets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1570135eff60eea1dfd9ec7b66797d9454373263050b83c8ad90d2b7b37d71b6 The OpenSSF Package Analysis project identified 'narratives-from-tweets' @ 0.1 pypi as malicious. It is considered malicious because: - The...
MAL-2023-8306 Malicious code in liblapack-dev (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 01a9f7fec70ee10cd7862c22e2c8257811997655e86e342b7bf61d0bd2b95154 The OpenSSF Package Analysis project identified 'liblapack-dev' @ 0.0.1 pypi as malicious. It is considered malicious because: - The package...
Malicious code in libblas3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2ce6c63048cc523093131cc1ce9bdc1581093b52f97225581ea78fef61404e8a The OpenSSF Package Analysis project identified 'libblas3' @ 0.0.1 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-8304 Malicious code in libblas3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2ce6c63048cc523093131cc1ce9bdc1581093b52f97225581ea78fef61404e8a The OpenSSF Package Analysis project identified 'libblas3' @ 0.0.1 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-8305 Malicious code in liblapack3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 74012077041418bce1aed1339b95d0221435cff33db310194f29d9a0c2451e6e The OpenSSF Package Analysis project identified 'liblapack3' @ 0.0.2 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-8570 Malicious code in pyefflorer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9db59fb1fff1df375feb9a17164f004b62a2d5fa194dcc285341536b6bfb51aa Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
MAL-2023-8290 Malicious code in poc-nvk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 10eb10880328aea55a7c7620d283f145ebcb574bfc98567eef9ad44d1ee8fcdb The OpenSSF Package Analysis project identified 'poc-nvk' @ 0.1.2 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-8573 Malicious code in pyhulul (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx f22a13d592f8a4de9eaf39b1c4c0c149232890e90dc5cff2988d49901d31a3e2 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
MAL-2023-8575 Malicious code in pyioler (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx b5a0ae31e85484643163bd7b0da8800b531141a1e5d14a97f534b2bfdbefb531 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The malicious code exfiltrates the GitHub project's defined secrets to a malicious C2 server and modify any...
MAL-2023-8566 Malicious code in kokokoako (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 037e7b78b81b8740ce2627e91bec2d913cb5ef310bf3d7a80046fee57dd42162 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
MAL-2023-8588 Malicious code in pytasler (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9209d9bf3f5a8205e05d9cb3e590cb8ad8cdf90cedb528dd047828c38b308361 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
MAL-2023-8568 Malicious code in pyalsogkert (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx db76c02045b01626113fc566fbbcd5f7fd5ccbd230e7e5c6dc0ed090a712c9b1 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
MAL-2023-8574 Malicious code in pyioapso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ddface0422e0d25912e1810f515798f9258e861b2f6d89a9514856d598a5395f Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
MAL-2023-8578 Malicious code in pykokalalz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ea135d81e5fdfe2d80397f1d6a5b8d0003b8c91632b9dd89163b6b5817e3684e Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...
MAL-2023-8572 Malicious code in pyhjdddo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx ac1a1233d8897ffaa72bc15d95e9f16517f66801df9f3eee30f97a8dc675d7bf Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...