MAL-2026-470 Malicious code in urlsssser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 242b446cd6cce908f668bfc1b199aa8f54a9ee1138b399ea6012f3b2bd2624e8 Package does not contain malicious code, but was published as a part of the malicious campaign and is used during further infection stages --- Category:...

EUVD-2026-4178

Malicious code in cflashfiles PyPI...

Malicious code in urlsser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c4f6d5a2656d3741fd7a1a4c50a9d3332a09874ef7c46713d0ad5e36478a063e This package does not directly contain malicious code, but was uploaded as part of the malicious campaign and is used as a helper in further infection stages...

EUVD-2026-4180

Malicious code in urlsser PyPI...

MAL-2026-468 Malicious code in urlsser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c4f6d5a2656d3741fd7a1a4c50a9d3332a09874ef7c46713d0ad5e36478a063e This package does not directly contain malicious code, but was uploaded as part of the malicious campaign and is used as a helper in further infection stages...

170051277-trab-final-gces (>=0.3.0 <=0.5.0), 2022-2-gces-ifpf (=0.3.0) +527 more potentially affected by CVE-2026-1260 via sentencepiece (>=0.1.82 <=0.2.0)

sentencepiece PYPI version =0.1.82, =0.3.0, =0.0.4.80, =1.0.32, =1.1.0, =0.3.0, =0.5.0, =0.2.2, =2.0.0, =0.3.5, =0.0.3, =0.3.0, =0.3.17 - akira =0.1.2 - al-for-design =0.0.1 - alignmap =1.0.0 and more Source cves: CVE-2026-1260 Source advisory: SNYK:PYTHON-SENTENCEPIECE-15091567...

EUVD-2026-4181

Malicious code in icloud-recovery PyPI...

MAL-2026-467 Malicious code in icloud-recovery (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3639028f2f9d36c20b55c655b1d71bc053827f4703e7954b12a4ec3da8edd8d2 On importing the module, the code exfiltrates text files, with the focus on configuration files --- Category: MALICIOUS - The campaign has clearly malicious...

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

A new malicious package discovered in the Python Package Index PyPI has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts. The package, named sympy-dev , mimics SymPy, replicating the latter's projec...

EUVD-2026-4198

Malicious code in sympy-dev PyPI...

EUVD-2026-4199

Malicious code in icloudprocessor PyPI...

EUVD-2026-3701

Malicious code in ttam-ploy PyPI...

EUVD-2026-3702

Malicious code in code-transfering-3 PyPI...

MAL-2026-445 Malicious code in code-transfering-3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 949a505895a5dcb808074bcddc1a084d12cfadb4b999712b48e012ad455ce817 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

Malicious code in code-transfering-4 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f49b12f95d153280889b4da45b5de3017f21159ad06622092779705ad22e855c Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

EUVD-2026-3703

Malicious code in code-transfering-4 PyPI...

EUVD-2026-3704

Malicious code in terminalbrush PyPI...

MAL-2026-444 Malicious code in terminalbrush (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 35e06fb41f9c1a4f082cf49a72dec89fc5b4d2f6580b97e527d291d50807b801 Package downloads an executable, places it distinguished as a Python binary and starts it. At the time of analysis, the URL was no longer active, so it was not...

Malicious code in 1q847 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fe398aee3ca61989d1610e4b2edae183ef70d5fabc08709875ca9ef8725d82c5 Package contains two DLL libraries, one of them packed. Both are widely recognized as malware. The exact behavior is not known --- Category: MALICIOUS - The...

EUVD-2026-3705

Malicious code in 1q847 PyPI...