10272 matches found
MAL-2025-3444 Malicious code in coloryi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7fda5ee85e248eb4ab426d18592fa9703ff19567ed041d3d75740a231464152d Importing the module starts a code that exfiltrates data from local Telegram application --- Category: MALICIOUS - The campaign has clearly malicious intent,...
MAL-2025-3462 Malicious code in quicolor (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4b11a81f135d7d2ac414b7144af73523d15db7b0ce1a2757ba6ba95f50bf0be8 Importing the module starts a code that exfiltrates data from local Telegram application --- Category: MALICIOUS - The campaign has clearly malicious intent,...
MAL-2025-3461 Malicious code in quickcolors (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 05deb6781dc1a1781e9a811200127704052a70029ade2a3e97f2c010d9453fc2 Importing the module starts a code that exfiltrates data from local Telegram application --- Category: MALICIOUS - The campaign has clearly malicious intent,...
MAL-2025-3435 Malicious code in bbllaacckkwwoollff6ad8f762 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4d90faddd66012c6f6fadc95f0a0e846b70504ed6ea47a65576ef5c4067a4985 During installation, the code either exfiltrate some information about the system or download and execute remote code --- Category: MALICIOUS - The campaign ha...
MAL-2025-3431 Malicious code in bbllaacckkwwoollff-6ad8f762-1a91-45d7-a9c5-356bd858356a (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4da60ab5fd2248194d9c485e99360f30cd77d89de065b6f30259328cfcadd2f2 During installation, the code either exfiltrate some information about the system or download and execute remote code --- Category: MALICIOUS - The campaign ha...
Malicious code in f2d5cfdc642c3d4 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7996c4b5f5093de9bc2646228bce15683af10ede7957a934c5afa67346f1149d During installation, the code either exfiltrate some information about the system or download and execute remote code --- Category: MALICIOUS - The campaign ha...
MAL-2025-3447 Malicious code in f2d5cfdc642c3d5 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea846c355b07f5a44c9e9add5eccd50fcf359359f6fdc49de3f7b696697b87c2 During installation, the code either exfiltrate some information about the system or download and execute remote code --- Category: MALICIOUS - The campaign ha...
MAL-2025-3430 Malicious code in bbllaacckkwwoollff (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2507dd4c5b3b3c1fae3213243ff0a27b71955dfbb39069f677660e025ac08f0d During installation, the code either exfiltrate some information about the system or download and execute remote code --- Category: MALICIOUS - The campaign ha...
MAL-2025-3440 Malicious code in codeoptimizer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ae236bbeace8d7b056d4827059bc1f4b6314e57e75827ce5a980ac9dfb991c2 On importing the module, there is an automated start of a Telegram bot capable of exfiltrating passwords from browsers, executing arbitrary commands and so on...
MAL-2025-3484 Malicious code in yolov8mini (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9222d20b84ed716d5bdf81f1da1d0f088fc7482894c8f25a5d1f757cc477ba9 On importing the module, there is an automated start of a Telegram bot capable of exfiltrating passwords from browsers, executing arbitrary commands and so on...
MAL-2025-2592 Malicious code in blackspammerbd-tg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 899ac6c3d1b62da3553aab693790598d0e87f6530b57d335deaee2545a39eb9c This package seems to be part of a larger malicious toolkit designed for unauthorized access to systems, data theft, and potentially acting as a...
MAL-2025-3460 Malicious code in python-socket-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 93a8d30e631680bace9b05db1ac189cbcc472895fcfb1db40f4df52f301a6599 Importing the package starts a script that takes commands from remote server and executes locally --- Category: MALICIOUS - The campaign has clearly malicious...
MAL-2025-3483 Malicious code in xcepthttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 98504a58d8dccbb3ea09cc521e14c9a64707763302db04111ad32eeba8616925 Importing the module starts downloading and executing first a script, and then a widely identified malware Packages are used as dependencies in a GitHub projec...
MAL-2025-3429 Malicious code in asynchttpx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5b8f233eae76de4578a7b30c6564338d644a7dfa1f59682337792de5ad13668f Importing the module starts downloading and executing first a script, and then a widely identified malware Packages are used as dependencies in a GitHub projec...
MAL-2025-3448 Malicious code in httpx-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d26dbf9fa1035b8b1e189f67123ee22f506cd21c08e17c282176a716af9da033 Importing the module starts downloading and executing first a script, and then a widely identified malware Packages are used as dependencies in a GitHub projec...
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index PyPI repository with bogus libraries masquerading as "time" related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain...
MAL-2025-191906 Malicious code in tonetext (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c46725ad6c88079cce4f7fa4a29175fec7f78ea83344da99d0f02ac4f020fcf3 When imported, the code embedded into the exception class downloads a remote file, and runs it by importing, and attempts to cover tracks by overwriting itself...
MAL-2025-3439 Malicious code in ccxt-mexc-futures (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f2eb5eb75679b536c430ad6d5440e63fbe1d1cd391ab1abf2a411dae3a768ed8 There is a hidden code that overwrites the default method and downloads remote data, which contains the dictionary pretending to be the right value, and a hidd...
MAL-2025-3008 Malicious code in tlsclient3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 612e1a598a61304a9ae3550acb835ef5962f596bb74e857c2a035ba090e57dc4 Obfuscated code starts a multi-stage infection --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions
Cybersecurity researchers have discovered a malicious Python package on the Python Package Index PyPI repository that's equipped to steal a victim's Ethereum private keys by impersonating popular libraries. The package in question is set-utils, which has received 1,077 downloads to date. It's no...