Malicious code in humunculous591014 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c11577c61879e85aacda7ebb86fc8450c95b08a151e6a058b5ccbec46616c42d Package imitates Roblox API wrapper, but the only action is getting the public IP, suggesting it's a security research or malicious attempt --- Category:...

EUVD-2022-54447

Malicious code in bioql PyPI...

EUVD-2023-28423

Malicious code in bioql PyPI...

EUVD-2025-29938

Malicious code in bioql PyPI...

EUVD-2022-53945

Malicious code in bioql PyPI...

EUVD-2025-30194

Malicious code in bioql PyPI...

MAL-2025-41703 Malicious code in mozilla (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-41678 Malicious code in fquant (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in aiohttp-proxies-forked (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-47774 Malicious code in importsetup (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 07d601622d7b27ef8baa4ec8ef05e06c283dd18ace0fba3a856f3a5adbdce69e Importing the module downloads and executes widely recognized malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

MAL-2025-41675 Malicious code in flask-tdg-cyber (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ec9e25f8f416bf20ca51977e1d4e001cf398d79dee777ff3b12b04cab6345292 Package is prepared for exfiltration of detailed data about the running system. The exact behaviour depends on the version: some does nothing, some exfiltrate...

Malicious code in iconnect (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e53aae69656f138607d0de8abe11d4b48ed6156875f07ec0da7485dd776f7158 Packages that seem to be created by a legit bug bounty hunter. Designed to look like created by different organisations, they contain a couple of data...

Malicious code in reqeuts (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7f01ab0a32efcdc5ca1ef531f49392818b05b088503759e97611a529f61c37e5 Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...

Malicious code in httpsmovements (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1f6e48eea4c63cfcc19e892d140b0b70a48f1041c559effbaae92184fda61bc5 In the invokehttp, the init.py contains obfuscated code attempting to download and run one of two executables. They are identified as malicious by VT and the...

Malicious code in appetize-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7f0791abf81cd0c979559b6938727478a6af6e21ceb08371567a9e0347b1e079 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in pycerial (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in guypy (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in getlatency (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in colorfonts (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in selflgtbpostrand (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b2563ef52025f93e3b6b349de804cf039ace554c5e728cdbeb4a7a95ad299a74 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...