10271 matches found
MAL-2025-5107 Malicious code in colorizator (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-5098 Malicious code in blackspammerbd-workout (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-5095 Malicious code in aliyun-ai-labs-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6470 Malicious code in bulktweetbyref (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b6e44fa722cba73a0757878305b8641ff0539e6c32ffff20b9484ce39ce6a1aa Using the function simulates some behavior, but then download and runs an Infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2025-6471 Malicious code in bulktweetplus (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3f66a670d67e37fec4746d5aaf53be9e2f5267c68b667f1becdb55f8d75ce70a Using the function simulates some behavior, but then download and runs an Infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2025-5174 Malicious code in worldhello (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c09616d1a3cf63c69efe5b81863fee024898fd16025a96efa3e70504012bb6bd The OpenSSF Package Analysis project identified 'worldhello' @ 1.0.0 pypi as malicious. It is considered malicious because: - The package execut...
MAL-2025-6598 Malicious code in syscachelib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c8aa87f03342830d082dcfd87dfce0528b19781902f9c9e56a7379046d8a1572 Importing the module starts a UAC bypass through fodhelper to run a privileged shell, and download and execute a remote file. --- Category: MALICIOUS - The...
PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
Cybersecurity researchers from SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below - eslint-config-airbnb-compat 676 Downloads ts-runtime-compat-check 1,588...
MAL-2025-6469 Malicious code in browser-history-analysis (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 032a326beadf36ce66d29555a7dacc90d6dfc733435dc61852cbc1e5128ee73d When starting the server with expected functionality with potentially sensitive content, the package silently sends the location external IP to a remote...
MAL-2025-6531 Malicious code in justanything (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 206471fdab67d7afeeb5fa6ee55cdb14b88338b58b50a5b73f31bbbb5e66e65b Code is designed to download and run remote scripts during installation, which finally downloads and starts an infostealer --- Category: MALICIOUS - The campai...
MAL-2025-6496 Malicious code in doverius (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c386579381491132baf4d7848ddb82f965c540fb732abb69771325665eabbc63 Code is designed to download and run remote scripts during installation, which finally downloads and starts an infostealer --- Category: MALICIOUS - The campai...
aws-ork (>=0.4.3 <=0.4.5), elita (=0.59.3) +84 more potentially affected by CVE-2025-22238 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - aws-ork =0.4.3, =1.0.0, =2019.12.0, =2019.1.30a2, =2.6.2.dev0, =24.3.12.0rc1, =0.1.0rc1, =0.0.1, =0.0.1, =2022.2.0, =1.2.3, =1.3.0 and more Source...
MAL-2025-191934 Malicious code in win32evtlogutil (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5d62d03c43564c8087172222e65beaf334bd9f219291eb6c36a142ad88adef4f Research packages targeting typosquatting and dependency confusions, without really harmful behaviour - just calling home through DNS resolver. Related to...
MAL-2025-6552 Malicious code in my-fun-tools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6642f3653e49e0a80b7fadf4c06bc64cba8a1a359772f1c7a668888278348fd6 During installation, the obfuscated code attempts to insert a modified Python DLL and runs a code. --- Category: MALICIOUS - The campaign has clearly malicious...
MAL-2025-6578 Malicious code in robloxextra (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d4281a22f488970ba086ca475848dedc3db41f77d760a4c280356d1018480ccf Importing the module starts downloading multiple stages of obfuscated code, that e.g. adds itself to autostart. --- Category: MALICIOUS - The campaign has...
MAL-2025-191879 Malicious code in stubsout (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 288961ef642901bbbd1ecf1fee45702985e9691d3f2fdc95f5990a197df2782b While described as telemetry, importing the package attempts to send out some basic info as well as quite sensitive environmental variables. --- Category:...
MAL-2025-6450 Malicious code in atlasctf-21-prod-13 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 773b90b87addef84f41e3bec0ed50198f5217f97c58686c8700726e2c5911f39 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-04 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 001a32ea254df328ea468b5f678beeac998089d5d28d365d4bd412f5b6839267 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
MAL-2025-6440 Malicious code in atlasctf-21-prod-03 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 374fe69b5719748c5255c0665469e0e45e3064884ece003a7fbfc56c04d3a93b On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
MAL-2025-6456 Malicious code in atlasctf-21-prod-19 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 74537e0fdc55a5f9c24996d74d6a582f0bac3c796e4629c46d8803a956647d87 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...