10272 matches found
MAL-2025-5655 Malicious code in maliinn (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dea697dc03b11e99e6895070c9fa053b8db92510a03201f9545dcb25bd373199 The only goal of the package is to execute a webhook or a suspicious file during installation. Closely related to 2025-07-0x9xnx - created after previous...
MAL-2025-6521 Malicious code in hellotesthim (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a7a4369b02deb0d2a9cf1340be0efe760e29f7979e3f7361ba029a282b70597f Series of packages mostly with an obfuscated infostealer attempting to collect Chrome data. While discord webhook is usually set to an example, there are other...
MAL-2025-6586 Malicious code in sinontop-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2e4796f9772fd88b2cad42713f8d9b731428bea0bc0aaef2645676789636b7c1 Series of packages mostly with an obfuscated infostealer attempting to collect Chrome data. While discord webhook is usually set to an example, there are other...
MAL-2025-6571 Malicious code in pypiion (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 45829fe35be9020b9109d3f502be2f392cde33801689e007f89d67a3a7c0415d Series of packages mostly with an obfuscated infostealer attempting to collect Chrome data. While discord webhook is usually set to an example, there are other...
MAL-2025-6588 Malicious code in solana-sdkpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fa656c982797b0a9ae09399aa3204b8925d4608935f9b563f498224bebf39b04 Series of packages mostly with an obfuscated infostealer attempting to collect Chrome data. While discord webhook is usually set to an example, there are other...
MAL-2025-6585 Malicious code in simple-mali-pkg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c9629656d765c03a690cd0d32598fac52e66c8f5c82dae9405280ee04e1b0280 Series of packages mostly with an obfuscated infostealer attempting to collect Chrome data. While discord webhook is usually set to an example, there are other...
MAL-2025-6529 Malicious code in jirawrapped (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 22cb10a2f4a514eac4296e09281b5b08784e62d6616a520e032e563d69a0e6e1 During installation, the package attempts to exfiltrate browser history --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2025-6575 Malicious code in rehttps (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 08172961784989f62b2b0793fa7686e1c25883883f790293df61591aa2fc6940 During installation, package attempts to download and starts an executable. The package itself is a clone of requests --- Category: MALICIOUS - The campaign ha...
MAL-2025-6615 Malicious code in wallet-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c83a3acdf0b02acc2a9af7cf885f2f744a154847edc66e1264ee1c38d8d7b984 Package silently exfiltrates the provided mnemonic --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-6620 Malicious code in walletutility (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b2977792a67d074770c5080ac055addab8c5bf6b77bf203132fb2c67f32091a6 Package silently exfiltrates the provided mnemonic --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-6618 Malicious code in walletsutils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 98651db61cea6613aac5b784cf567a82461f39c8cfa2c7634504ea2708989408 Package silently exfiltrates the provided mnemonic --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-6617 Malicious code in walletsdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 24b8f8046f66b9996b1f2169f1034b1c35f0760e09d4e91e712d0b3a36a88d6e Package silently exfiltrates the provided mnemonic --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-6545 Malicious code in managment (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 754c9b609bb8dafc0fd21d141cd216744d9f2aa1f23898990c52e872fdc23e1a Installing the package starts a revshell and download and starts a remote script depending on version, different malicious functionality. The name seems to...
MAL-2025-6596 Malicious code in sqiul83 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 67d309c2d4c740426c07cc17768f6313eebd765242e7e4a63aa04213d21358ea During installation of the source package, it attempts to silently download and start a remote executable. At the time of analysis, the downloading link did no...
Malicious code in hashidf (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 126b111d14601f2ff653938378c5e6d0f534439f0eac8db7984dfe7aa0f20b52 If ran as a module, the package silently starts a binary hidden in a txt file in the background. At the moment, it appears to be PuTTy, and without additional...
Open Source, Open Threats? Investigating Security Challenges in Open-Source Software
Open-source software OSS has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to increased exposure to vulnerabilities and attack surfaces...
MalGuard: Towards Real-Time, Accurate, and Actionable Detection of Malicious Packages in PyPI Ecosystem
Malicious package detection has become a critical task in ensuring the security and stability of the PyPI. Existing detection approaches have focused on advancing model selection, evolving from traditional machine learning ML models to large language models LLMs. However, as the complexity of the...
MAL-2025-5137 Malicious code in solana-data (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-5135 Malicious code in solana-charts (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-5134 Malicious code in solana-chart (PyPI)
--- -= Per source details. Do not edit below this line.=-...