9169 matches found
MAL-2025-4220 Malicious code in glean-indexing-api-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4f72985a496d7f564761c6862c160db30daaa442596d1cb609b0cc750bfad7a Packages that seem to be created by a legit bug bounty hunter. Designed to look like created by different organisations, they contain a couple of data...
Malicious code in solana-test-suite (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 637014df713a194c727be0c3c8a6883b80fa29c7e66be089dd3bb82e49b915b4 Packages that seem to be created by a legit bug bounty hunter. Designed to look like created by different organisations, they contain a couple of data...
Malicious code in badgerdoc-storage (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 57170ed58e2cf5e3b4b32f443ae555c7c040f2a395b3505837c90e06add93db5 Packages that seem to be created by a legit bug bounty hunter. Designed to look like created by different organisations, they contain a couple of data...
Malicious code in program-admin (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 79810d0cd56c8a3266dcbe5827dd3d27eb976b353c7b17940a29dddc602df4f7 Packages that seem to be created by a legit bug bounty hunter. Designed to look like created by different organisations, they contain a couple of data...
Malicious code in pyinitialyze (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 17fb73bd9014366b80018d085cf68a67535ca979bd2ddd14c82ef27ec1309a61 File is designed to download, hide under system-like name, and run a remote executable, widely identified as malicious. --- Category: MALICIOUS - The campaign...
MAL-2025-191834 Malicious code in pyinite (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ed8f43159750189f4cea17185b5ee087dda83db8574bf258010068c524fc723 File is designed to download, hide under system-like name, and run a remote executable, widely identified as malicious. --- Category: MALICIOUS - The campaign...
Malicious code in initer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d2aac1e40660cbe4323a93d03087f3b9a2d596a5dcfcf2bae3cb0a2ab37cf646 File is designed to download, hide under system-like name, and run a remote executable, widely identified as malicious. --- Category: MALICIOUS - The campaign...
Malicious code in matlab-cli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ff0a277d45885a5c1a26f027495e73b5e0aa8b49c7ee3eeafd06cc14e6e8f754 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-05-matlab-cl...
Malicious code in veriftest1asdlaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 84fe70a8f5e34c8334d7284bcc9b71826210f029708a53a6ec4b9bb90a33054b During installation, the package attempts to exfiltrate cloud tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in veriftest1asdlaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8ca63296b7d7f9b656944bcaf65cc918b709a2071d1ea5f16d1a7422a9df931e During installation, the package attempts to exfiltrate cloud tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in veriftest1asdla (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e04795c3a8f7fae13a125bde307aa64db04ae9f4ff76bd1d11fb32b4d3f57a36 During installation, the package attempts to exfiltrate cloud tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2025-4250 Malicious code in veriftest1asdl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e11e583c94e6aea422cd70561ea53212b4b4a26dd4bcb2e42c4c1ad25066474d During installation, the package attempts to exfiltrate cloud tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in meowsapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f59e6347816a732ab5ddebfd141e113bb5cca799fa8b8466f194dbff1a1e428b Importing the module starts delayed downloading and starting a remote executable identified as BlankGrabber infostealer. --- Category: MALICIOUS - The campaign...
Malicious code in timsingapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1331e7dbd74ec00f13073c6230eee52b13ef3db29c643d09cbf0b81cccf4ad97 Importing the module starts delayed downloading and starting a remote executable identified as BlankGrabber infostealer. --- Category: MALICIOUS - The campaign...
Malicious code in rblxfando (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 79348147677636191e632b65c78ba37a77d2ba57abed5c9b257624b0f14ba1b8 Importing the module starts delayed downloading and starting a remote executable identified as BlankGrabber infostealer. --- Category: MALICIOUS - The campaign...
MAL-2025-4237 Malicious code in rblxfando (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 79348147677636191e632b65c78ba37a77d2ba57abed5c9b257624b0f14ba1b8 Importing the module starts delayed downloading and starting a remote executable identified as BlankGrabber infostealer. --- Category: MALICIOUS - The campaign...
MAL-2025-4242 Malicious code in timsingapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1331e7dbd74ec00f13073c6230eee52b13ef3db29c643d09cbf0b81cccf4ad97 Importing the module starts delayed downloading and starting a remote executable identified as BlankGrabber infostealer. --- Category: MALICIOUS - The campaign...
Malicious code in pydoxing (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 52e0861f6664f547a0cc13ab9b6aea123213946a49bbdc341e15be6ff6d53b61 Package contains a known Blank Grabber infostealer that starts on importing the module --- Category: MALICIOUS - The campaign has clearly malicious intent, lik...
MAL-2025-4230 Malicious code in pydoxing (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 52e0861f6664f547a0cc13ab9b6aea123213946a49bbdc341e15be6ff6d53b61 Package contains a known Blank Grabber infostealer that starts on importing the module --- Category: MALICIOUS - The campaign has clearly malicious intent, lik...
Malicious code in tronlid (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 387ea56c726485890b55cce5a96c6381e248be3c8eba22c22ead08e4b30db3b1 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...