Lucene search
K

9169 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/16 10:40 a.m.5 views

Malicious code in code-suggester (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e28ce2ce1f759945a6b42ebe9f6f224869ab1f91b85212853e83a20d43a390bd During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/16 10:40 a.m.5 views

Malicious code in langer-updater (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1d2e888da57bf1c53e73ed2092516a44aaf46e4876619d129b7e3e4966dfc71e During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/16 10:40 a.m.4 views

Malicious code in noway-back (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ddfd888bb0cff1ee81f07dbdfce95081afa43d43a18f8a0417b3724337c2e287 During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.4AI score
Exploits0References1
OSV
OSV
added 2024/12/16 10:40 a.m.5 views

MAL-2025-910 Malicious code in code-tracker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f9a735fdad092318def6c11516f5922631656bb986f77887fff44aaed26830dd During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.3AI score
Exploits0References1
OSV
OSV
added 2024/12/16 10:40 a.m.4 views

MAL-2025-909 Malicious code in code-suggester (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e28ce2ce1f759945a6b42ebe9f6f224869ab1f91b85212853e83a20d43a390bd During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/16 10:40 a.m.4 views

Malicious code in code-tracker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f9a735fdad092318def6c11516f5922631656bb986f77887fff44aaed26830dd During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/16 10:40 a.m.5 views

Malicious code in presudo-generate (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e390060b9c380a6e7c1743dc35278cbe02801d90678046380344edd73673ca54 During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/16 10:40 a.m.5 views

Malicious code in code-beautifyer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1aa07cb2a8c34d8fc5a6728b0985541456937811451149748ae9acdef4892e7c During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.4AI score
Exploits0References1
OSV
OSV
added 2024/12/16 10:40 a.m.7 views

MAL-2025-908 Malicious code in code-beautifyer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1aa07cb2a8c34d8fc5a6728b0985541456937811451149748ae9acdef4892e7c During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.3AI score
Exploits0References1
OSV
OSV
added 2024/12/16 10:40 a.m.4 views

MAL-2025-951 Malicious code in presudo-generate (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e390060b9c380a6e7c1743dc35278cbe02801d90678046380344edd73673ca54 During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/16 10:40 a.m.6 views

Malicious code in lan-clean (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b77907fa5398dac2959c2fa6cc7ab1c451a318803ca9efb40ea52487080609c3 During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.4AI score
Exploits0References1
OSV
OSV
added 2024/12/16 10:40 a.m.6 views

MAL-2025-907 Malicious code in clean-packager (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 262c927312d80c4f09dc74bcc93a7036c67a0e3c831d802ce8cbebc21b37e4b5 During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

7.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/14 4:26 p.m.5 views

Malicious code in httpfluent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ad45caa6ad5e9c6f356193dc378e801a9fd3846f04443ad9d6c841b0b2e80c62 The package contains highly obfuscated content, that install another, downloaded from a remote location obfuscated script in the installation path of the...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/12/14 4:26 p.m.5 views

MAL-2025-933 Malicious code in httpfluent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ad45caa6ad5e9c6f356193dc378e801a9fd3846f04443ad9d6c841b0b2e80c62 The package contains highly obfuscated content, that install another, downloaded from a remote location obfuscated script in the installation path of the...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/14 4:26 p.m.5 views

Malicious code in websynapse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7323a05444284204de7701ff8b7a738bc155cb22356cf93fc1399dedad5afa46 The package contains highly obfuscated content, that install another, downloaded from a remote location obfuscated script in the installation path of the...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/12/14 4:26 p.m.8 views

MAL-2025-1007 Malicious code in websynapse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7323a05444284204de7701ff8b7a738bc155cb22356cf93fc1399dedad5afa46 The package contains highly obfuscated content, that install another, downloaded from a remote location obfuscated script in the installation path of the...

7.1AI score
Exploits0References1
OSV
OSV
added 2024/12/14 4:26 p.m.5 views

MAL-2025-994 Malicious code in threadfluent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2a72da681aea57683d0d6b134f0263f126dfe205810fdcfa970c9920058fcf15 The package contains highly obfuscated content, that install another, downloaded from a remote location obfuscated script in the installation path of the...

7.1AI score
Exploits0References1
Schneier on Security
Schneier on Security
added 2024/12/13 4:33 p.m.13 views

Ultralytics Supply-Chain Attack

Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popular AI library ultralytics ­--which has almost 60 million downloads--was published to the Python Package Index PyPI package repository. The...

7.4AI score
Exploits0
PyPA
PyPA
added 2024/12/10 7:19 p.m.8 views

A number of releases of ultralytics contained malicious crypto miner software.

Ultralytics has identified a supply chain attackaffecting affecting multiple versions of the ultralytics package.The compromised versions contained unauthorized code thatdownloaded and executed cryptocurrency mining softwarewhen instantiating YOLO models.This code was injected into the PyPI relea...

8.7CVSS7.2AI score
Exploits0References7Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/09 6:51 a.m.6 views

Malicious code in urlcon (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Rows per page
Query Builder