13252 matches found
GHSA-5MG7-485Q-XM76 Two LiteLLM versions published containing credential harvesting malware
After an API Token exposure from an exploited trivy dependency, two new releases of litellm were uploaded to PyPI containing automatically activated malware, harvesting sensitive credentials and files, and exfiltrating to a remote API. Anyone who has installed and run the project should assume an...
MAL-2026-2187 Malicious code in vision-service-python-client-internal (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea39ef97e61556ba1ef289f438f9401ced47328bd49f096401ed4795792c8f7a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in hy-api-utilities (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e47cae7d998d465d8ad1e4944051a42ee3cbf939476004154800628a94b828f3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in auth0-ai-ms-agent (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2e341dbac5b5fcd3b5a882b5ee47e26051b72bacd4d552790c684174ba0e69ae Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in linting (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5cb47704e5a0d8d5d241dd382567f85027854c50652bb5889cde58c2b6db00a7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in yeshsurya (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 94ee8d39c76b11ebb68503181be81cfc3154ef7c1b758a9b139d77f3791c3356 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in facebookresearch (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b2532cd269873dbda78f99b9e22ab736c64c48ba32fa5c27deaf173fdbf33397 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in fairness-bias (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c76439565a70fd014098388baf5dd9a679f90be992102ba689fc0b7d6d3db352 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in globally (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1f2d16dd9f9dc8f8c54504946e96b931fab9f6c893012e17b0c03dd531c49f5b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2170 Malicious code in fairness-bias (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c76439565a70fd014098388baf5dd9a679f90be992102ba689fc0b7d6d3db352 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2172 Malicious code in v2-8-3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b90faec9a57b74163b9282007ed27f9602abf0d5307115928eb4ca75d98f8c72 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in sonic-config-engine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2385b46fee4fb7241c2f3f692934017f39660c9694b98b92cbe3dae6555e5b05 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2180 Malicious code in sonic-config-engine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2385b46fee4fb7241c2f3f692934017f39660c9694b98b92cbe3dae6555e5b05 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2182 Malicious code in sonic-yang-mgmt (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8013d6980c9ac5e595a47f3464594348804620b433495e07afadff081bc89913 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2176 Malicious code in kusto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0bdb202529b567cdcf3b62e44352186db2cb5defbfbfec0e7646a684838e08d7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in sonic-platform-common (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b7ad70e46087b1ffe41c3d0670c24c58b38e72344c958458af49a25541778b4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2181 Malicious code in sonic-platform-common (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b7ad70e46087b1ffe41c3d0670c24c58b38e72344c958458af49a25541778b4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in batch-shipyard (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 83ca35f9b1e5fc77913037dde16ad175609dddc219e613c9dae7f752b112568f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2174 Malicious code in batch-shipyard (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 83ca35f9b1e5fc77913037dde16ad175609dddc219e613c9dae7f752b112568f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in aristanetworks (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 734e78214abbde694d6041663ec7e34bb9f31c9265856540de7a1c0a8ffe5e33 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...