10272 matches found
MAL-2024-11575 Malicious code in dftester-pip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2e23c327cc9243e5437e6b31224c6796b90399065b451269641911b1d1982483 Example package with overwritten install command and the reverse shell --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also...
GHSA-486G-47CC-8WXF aiocpa contains credential harvesting code
aiocpa is a user-facing library for generating color gradients of text. Version 0.1.13 introduced obfuscated, malicious code targeting Crypto Pay users, forwarding client credentials to a remote Telegram bot. All versions have been removed from PyPI...
aiocpa contains credential harvesting code
aiocpa is a user-facing library for generating color gradients of text. Version 0.1.13 introduced obfuscated, malicious code targeting Crypto Pay users, forwarding client credentials to a remote Telegram bot. All versions have been removed from PyPI...
PYSEC-2024-152 aiocpa 0.1.13 contains credential harvesting code
aiocpa is a user-facing library for generating color gradients of text. Version 0.1.13 introduced obfuscated, malicious code targeting Crypto Pay users, forwarding client credentials to a remote Telegram bot. All versions have been removed from PyPI...
PT-2024-40067 · Pypi · Aiocpa
Name of the Vulnerable Software and Affected Versions: aiocpa versions prior to the removal from PyPI Description: The issue concerns a user-facing library used for generating color gradients of text, which introduced malicious code in version 0.1.13. This malicious code targets Crypto Pay users ...
PT-2024-40899 · Pypi · Aiocpa
Name of the Vulnerable Software and Affected Versions: aiocpa versions prior to the removal from PyPI Description: The issue concerns a user-facing library used for generating color gradients of text. It was discovered that version 0.1.13 introduced obfuscated, malicious code. This code targets...
MAL-2024-10877 Malicious code in newpipv3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 54fac2a807bae6742d82c86f55d97a1b4a810e42ee3b0b9dcb0c981c36ab712d The OpenSSF Package Analysis project identified 'newpipv3' @ 0.1.0 pypi as malicious. It is considered malicious because: - The package...
MAL-2024-11537 Malicious code in blackamerxs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 50486a7fa5636706a3c90bf515f6664c6cbb11aa127f9b3e95d7b38cf89c80c8 If run, the code in the package exfiltrates all files from the current directory tree. --- Category: MALICIOUS - The campaign has clearly malicious intent, lik...
MAL-2024-11693 Malicious code in reverse4343 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a90c21a3dc6b4091f1ccd6f17c99b1ec955954d2b78e93029e63c33f12ed3c7d The package contains only a reverse shell started on installation --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2024-11534 Malicious code in backwwi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 23f7db675ae2d9beeb90ac31070aeb2a2ca9902ae348f92b30f828c200cc3441 When importing the module, the obfuscated code downloads and runs a remote executable --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2024-10573 Malicious code in fabrice (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security d1d6b36980b1999e5525b7490b4a430c21cb4f86493a11b76f34ae8c02bfc19c The PyPI package fabrice is a malicious package typosquatting the legitimate package fabric. The package is an info stealer primarily...
Fabrice Malware on PyPI Has Been Stealing AWS Credentials for 3 Years
The malicious Python package "Fabrice" on PyPI mimics the "Fabric" library to steal AWS credentials, affecting thousands. Learn how…...
Malicious PyPI Package 'Fabrice' Found Stealing AWS Keys from Thousands of Developers
Cybersecurity researchers have discovered a malicious package on the Python Package Index PyPI that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services AWS credentials. The package in question is "fabrice," which typosquats a...
Malicious code in huggingfaces-hub (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 030324e12766820002cc282dbac28f60bb0f2fc82d459e96c82f073a14e75592 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in byte-flux-3822a6dd00d6414daba3ae0de3930a5a (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cec00e10a19e19684fc4887fa09aa1025aafc00f1121baacdf55f0c3b2ba9aec A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-11634 Malicious code in midi-melody-extractions (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8cf5fe50a15b36c41406e9d04f254b0acae240897b5ad49b1165228613cb036a A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-10637 Malicious code in compresai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eff61bf37f16806690cbf9520f29f4e65c1619fb07bf01ccbb8c3c830f501736 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-10826 Malicious code in licensemonitor (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6bf006c4d28ae3036555f2c7255de1d0f672d7992acb46f2a89b4068b86f8754 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-11638 Malicious code in monolit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4b004b665ba91ff3119a753e0b37cdce906d100aff101c2f536720bdd74fa027 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-10727 Malicious code in huggingface-hubs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1d238b4266e7eb2a0fbda69d410f875e0625c30fcf79647d89c6e3358cbdcb55 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...