9169 matches found
MAL-2025-47783 Malicious code in libgomp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d390b58898a977fec39e6d1fe725cf5c2bcb09b2ecf4c2294a23d75a56dd71a6 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in iamenumerate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d673b2612401a11ff219f59a9ca15986b4ce10d098f08d4beb5fbc9dc79ec554 This one package is clearly created as part of the campaign, but the malicious code from the previous version has been removed no other changes. It is anyway...
MAL-2025-41688 Malicious code in iamenumerate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d673b2612401a11ff219f59a9ca15986b4ce10d098f08d4beb5fbc9dc79ec554 This one package is clearly created as part of the campaign, but the malicious code from the previous version has been removed no other changes. It is anyway...
MAL-2025-191767 Malicious code in jsonist (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c74a199a696dbc18994242bc3c29e9a018ddda51fa2bbe224620d9ded6f1818 Calling a method starts downloading and starting an infostealer script --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2025-47804 Malicious code in titifel-pypi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 246211906386c6795c3728d15bf42f5b9083257d1964d8dc21bcda833dd6363c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in st-py-de-cli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a0110859887f6cd8d6e81ff1c6715dd4a5d2a1c84c28b71cb09320e33e10cce5 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-41768 Malicious code in st-py-de-cli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a0110859887f6cd8d6e81ff1c6715dd4a5d2a1c84c28b71cb09320e33e10cce5 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in iamenumer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2281f18809744cd511d94170c1ce172994a633aa0b8b5bc9fa9b892629b5d674 Before creating the boto3 client, package exfiltrates user's credentials. Packages from the campaign are used as dependency in a GitHub project promising...
MAL-2025-41687 Malicious code in iamenumer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2281f18809744cd511d94170c1ce172994a633aa0b8b5bc9fa9b892629b5d674 Before creating the boto3 client, package exfiltrates user's credentials. Packages from the campaign are used as dependency in a GitHub project promising...
Malicious code in aws-enumerate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 82e411db1ea78935340bd950942b13579b400264ddef042aa0b07d6952401c45 Package for enumeratin IAM --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-08-aws-enumerate Reasons base...
Malicious code in flask-tdg-cyber (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ec9e25f8f416bf20ca51977e1d4e001cf398d79dee777ff3b12b04cab6345292 Package is prepared for exfiltration of detailed data about the running system. The exact behaviour depends on the version: some does nothing, some exfiltrate...
MAL-2025-191911 Malicious code in tronapihelper (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8668b25d81460ff9ac1973c8f9ad6e6092350a4a08d6a4b5ba1fc827a553dc38 Package is prepared to exfiltrate private keys, most probably for Tron cryptocurrency. There is no other purpose of the package --- Category: MALICIOUS - The...
Malicious code in permsupping (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2dec8af74032aa8a44855e36075b08f5a83aef64962e2c6604e6ecb0b288aa10 Package is prepared to exfiltrate private keys, most probably for Tron cryptocurrency. There is no other purpose of the package --- Category: MALICIOUS - The...
Malicious code in raknet-testing-package2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d26ae7cefa4b8ebaf16a44f6d3c42c1fd6dbacda884e5b03b06da5ff237d7435 During installation, the package attempts to install the own MITM proxy without user's consent and hijack all requests --- Category: MALICIOUS - The campaign h...
MAL-2025-41730 Malicious code in raknet-testing-package2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d26ae7cefa4b8ebaf16a44f6d3c42c1fd6dbacda884e5b03b06da5ff237d7435 During installation, the package attempts to install the own MITM proxy without user's consent and hijack all requests --- Category: MALICIOUS - The campaign h...
MAL-2025-41729 Malicious code in raknet-testing-package (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9f558ab07d5858b728bc43a5a17c5eff73b0413f2d871ac3bc33b1b8c30a6ef5 During installation, the package attempts to install the own MITM proxy without user's consent and hijack all requests --- Category: MALICIOUS - The campaign h...
Malicious code in tronapisync (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2768edf78749b023b104efcbfcfedd4d2633480e8d19ee433d467e1b39d2b9ce Package is prepared to exfiltrate private keys, most probably for Tron cryptocurrency. There is no other purpose of the package --- Category: MALICIOUS - The...
MAL-2025-41787 Malicious code in tronapisync (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2768edf78749b023b104efcbfcfedd4d2633480e8d19ee433d467e1b39d2b9ce Package is prepared to exfiltrate private keys, most probably for Tron cryptocurrency. There is no other purpose of the package --- Category: MALICIOUS - The...
Malicious code in httpsyncer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3e9323dbc11b949e9970ead2dcc1c5a7f05348a977591f8c86027ee220c86b62 Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...
Malicious code in num2words (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 36822c42f7e862f29cef9734efec9a9a9cc44a80e619e954dd25c12239d15767 The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code...