9169 matches found
MAL-2025-5109 Malicious code in dbgpkg (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in colorizator (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in aliyun-ai-labs-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in csvvv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e157e7947b2537be3a2e7840eee2fc4fad72a65954af858d89095d73f1755c03 Importing downloads and starts a remote script. At the analysis time, the script did not contain malicious code. Package description states it's a security...
MAL-2025-6490 Malicious code in csvvv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e157e7947b2537be3a2e7840eee2fc4fad72a65954af858d89095d73f1755c03 Importing downloads and starts a remote script. At the analysis time, the script did not contain malicious code. Package description states it's a security...
Malicious code in syscachelib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c8aa87f03342830d082dcfd87dfce0528b19781902f9c9e56a7379046d8a1572 Importing the module starts a UAC bypass through fodhelper to run a privileged shell, and download and execute a remote file. --- Category: MALICIOUS - The...
MAL-2025-191942 Malicious code in zamino (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c9ada91851d5e9411f5c74d5ea595be092fc2e4d2e8f7f7c995b6fbb6bd90d00 Clones of libraries to access Aminoapps e.g. legitimate package amino.fix with added exfiltration of the given credentials --- Category: MALICIOUS - The campai...
Malicious code in my-fun-tools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6642f3653e49e0a80b7fadf4c06bc64cba8a1a359772f1c7a668888278348fd6 During installation, the obfuscated code attempts to insert a modified Python DLL and runs a code. --- Category: MALICIOUS - The campaign has clearly malicious...
Malicious code in robloxextra (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d4281a22f488970ba086ca475848dedc3db41f77d760a4c280356d1018480ccf Importing the module starts downloading multiple stages of obfuscated code, that e.g. adds itself to autostart. --- Category: MALICIOUS - The campaign has...
Malicious code in pyximport (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4495a2909bdab391f460c6671937fa60d164f745657520e43700b229f56faf0a While described as telemetry, importing the package attempts to send out some basic info as well as quite sensitive environmental variables. --- Category:...
Malicious code in atlasctf-21-prod-16 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 57c6acfcb3c6bb659cac9b311e2cc25e72f3ab57d80e3403b70b7e05a2a06ed9 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-21 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 79c8505b253779798971bd98108a76e3e9ba4a7a590fa35b73eef9782c70616d On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-07 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1311c7427b70eb825aa126794cd4b42d09c2e5775ceb1abbcb909f7a36bc22ec On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-06 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40700739340f4f0bb3e0439a94754cb868827b002cad84a1dfca90da1dfa032d On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-14 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 53e97c9ccd81536ef4d3b1aacb14600cc31b01f8bf00b53326458e485459c7e4 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-20 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ffe859775c26074cc4af620ba898f558fb64310ff0cd6ac1cb212700fadcb182 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-01 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 258b21be0ec08a121a4b506eb1cc9409d08b0cfecc9a2b995181dee57254afc7 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-29 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3ae50dd887d083473a6316352191608a5075fa5abd83bd4b2bbd3e1e2273a4d4 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-05 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7e008f819b27019b178836f9edea97e159c3c1f765d391800ea99f06a26ce20a On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-02 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 797236959adb77b5a2b6d687ba0dcd688ea1fff675136998f38fedc01c65fa89 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...