MAL-2025-5142 Malicious code in web3evm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6c2f7724a72031eda7b5c33755802a67784979e2a9459d83698b0637be68630b Package contains just a function to send out data. It or a package sharing the same IoCs is used in a malicious GitHub project to exfiltrate crypto currency...

MAL-2025-4269 Malicious code in web3author (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d5eac126109d648cac7a74217f0bc4b9e9bd0d07dc400924bf346f90b4b7ad9d Package contains just a function to send out data. It or a package sharing the same IoCs is used in a malicious GitHub project to exfiltrate crypto currency...

MAL-2025-4270 Malicious code in web3automation (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 09a3fb2947bb8eaaf1e65033e8ccee659633669d5de0c0456b4c2e1680317dfb Package contains just a function to send out data. It or a package sharing the same IoCs is used in a malicious GitHub project to exfiltrate crypto currency...

MAL-2025-4207 Malicious code in byted-torch-monitor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c2b83888c7fcb79b930eaecb1a538d27a131ab415c0b756f84c7071d5a0935b During installation, a website with the current working dir is being called. It looks like something between spam and pentest as the website is most probably n...

MAL-2025-4208 Malicious code in bytedmemfdd345 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 19705d4db8178a4b1dd1282ded6d73256dc10b22125280c241524ec3e9e274af During installation, a website with the current working dir is being called. It looks like something between spam and pentest as the website is most probably n...

MAL-2025-4206 Malicious code in ark-vmp-reverse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 28ac22df743a6a65eed4d1d25f66c0f3eb42c5235dc749a84162883d313bd415 During installation, a website with the current working dir is being called. It looks like something between spam and pentest as the website is most probably n...

MAL-2025-3481 Malicious code in web3rpc (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-3482 Malicious code in web3rpcs (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-3480 Malicious code in web3connectpy (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-3472 Malicious code in sxz (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-3470 Malicious code in sincpro-logger (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-3456 Malicious code in pyapimove (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-3445 Malicious code in evm-validator (PyPI)

--- -= Per source details. Do not edit below this line.=-...

GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages

Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform GCP that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. "This vulnerability lets attackers with edit...

MAL-2025-4204 Malicious code in aiolitesql (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1ef59c4a17296925677ec69703d25a3bd0541eb1c20eba25b0bc6918e908ddcf Clone of aiosqlite with hidden exfiltration of selected data during "executeall" query see L59-97 --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-4203 Malicious code in aioasyncsqlite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9dabf7e852a633394c9df21ee491c5a3582e2c172c624fd2b48cc127dbdc410a Clone of aiosqlite with hidden exfiltration of selected data during "executeall" query see L59-97 --- Category: MALICIOUS - The campaign has clearly malicious...

MAL-2025-4238 Malicious code in reqinstall (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fabb4dfb4f519f848a714f96e09e2b5fbb289ffdd8cd86fc13c8fbf49b539962 Campaign is split into multiple packages that altogether exfiltrates data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

MAL-2025-3467 Malicious code in runningwifi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7c510d8dbbc3448272c337960c786b9b9731fe97773a4bfd48844527c7e6bed6 Running the module will exfiltrate files from the current directory --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

MAL-2025-3020 Malicious code in ytest-cov (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-3012 Malicious code in twilio-rest (PyPI)

--- -= Per source details. Do not edit below this line.=-...