Malicious code in xfoofoox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 94e46dfacc8ffb015e2258d96dedda0eebb7118144ace7021794c88b319ade14 During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2026-5337 Malicious code in solana-web3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4967ebad2d1f4f5802ef50f1d399c05c4dfab94a208079695570b15ffef0fdd2 On import, solana-web3/init.py executes a credential-stealer payload. After a sandbox-evasion gate checks for 12-hex Docker hostname, /.dockerenv, an...

MAL-2026-5335 Malicious code in xfoobar (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a54c1c17d20a069af19c48751aada9e426bcbf55484c360cf21ac70f35d3d0dd During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Malicious code in spaysrbx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4bae51ef6cd61eb9bfc38ac2d8dd8ad1f38d22c4e55b8ccdfc53cd2ed94076f On import spaysdata, the package's init.py invokes mainentry in spaysdata/main.py, which performs three attacker-benefit actions automatically: 1 rea...

Malicious code in xforpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6ebd6a0497e01ef631a2c357263bd1af23d88e8d9a9ae46fe39110571949198c During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2026-5332 Malicious code in xforpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6ebd6a0497e01ef631a2c357263bd1af23d88e8d9a9ae46fe39110571949198c During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2026-5330 Malicious code in bittensor-burn-alert (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06e89dc9ff0a5d334b67a01c572c036b0740adf6d8669d2fa25c241a0c098116 The package advertises itself as a Bittensor subnet burn-rate monitor but bundles a covert clipboard surveillance daemon in its compiled core module...

MAL-2026-5329 Malicious code in spaysdatarbx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bcaa4bf6f81efed82d35081ec059dfcd2f55e50b84f28d8b0ad4d8afe63089f spaysdatarbx is a Windows infostealer disguised as a Roblox DataStore library. On import spaysdata, init.py invokes mainentry wrapped in try/except:...

Malicious code in bt-burn-watch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94719a61950dd5cacc26b288c1fe8ef0d12f0e93720b4f1aa98cdf84ff148f0d Package advertises Bittensor subnet burn-rate monitoring but the compiled core module's own docstring describes itself as a 'clipboard logger +...

ROOT-APP-PYPI-CVE-2026-41182 CVE-2026-41182 in rootio-langsmith - Patched by Root

Root has patched CVE-2026-41182 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-45134 CVE-2026-45134 in rootio-langsmith - Patched by Root

Root has patched CVE-2026-45134 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-44681 CVE-2026-44681 in rootio-Authlib - Patched by Root

Root has patched CVE-2026-44681 in the rootio-Authlib package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-28802 CVE-2026-28802 in rootio-Authlib - Patched by Root

Root has patched CVE-2026-28802 in the rootio-Authlib package for Root:PyPI. Multiple fixed versions available...

CVE-2026-45758

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that has affected numerous packages across open source ecosystems. The malicio...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that has affected numerous packages across open source ecosystems. The malicio...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that has affected numerous packages across open source ecosystems. The malicio...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that has affected numerous packages across open source ecosystems. The malicio...

Embedded Malicious Code

Overview embiggen is a graph machine learning submodule of the 🍇 GRAPE library. Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that ha...

Embedded Malicious Code

Overview phenopacket-store-toolkit is a Python package and CLI for managing Phenopacket Store, a collection of GA4GH Phenopacket cohorts that represent individuals with Mendelian diseases. Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious...