362 matches found
MAL-2025-191783 Malicious code in logguru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...
Malicious code in discord-selfsbotsx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b56aa48c0654abd06a9d624b8c1b5ab4ce170399068d97b994bb4d63635bf18a Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-191718 Malicious code in discord-selfsbotsx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b56aa48c0654abd06a9d624b8c1b5ab4ce170399068d97b994bb4d63635bf18a Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-191792 Malicious code in minizip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 33ba100525dffc7a828e4b7384f862ff22dfb55d2e7d61a34c0d31ecdff64c10 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in minizip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 33ba100525dffc7a828e4b7384f862ff22dfb55d2e7d61a34c0d31ecdff64c10 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in uuzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bbfdf99ece618455cadb15bcd6d0d6a93707bd72278a58834e74eb88094279ee During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-191918 Malicious code in uuzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bbfdf99ece618455cadb15bcd6d0d6a93707bd72278a58834e74eb88094279ee During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in mzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cfa6ef3ee944ed5eef4429c7c9ec9488d9c2c70be6435ee1019851527272a9e4 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-191799 Malicious code in mzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cfa6ef3ee944ed5eef4429c7c9ec9488d9c2c70be6435ee1019851527272a9e4 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in uzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ee20087db4a86ce68765ba8046732e8f1fc906c58a0303e836429a63788dc97f During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in perfviewer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea912a2de677fa6d9ea6dbf9a792dace4d927efd46a5cb615ba8548fec4930e8 During installation, code downloads and starts an executable and a DLL library. After starting them, files are removed from the disk. The executable has been...
MAL-2025-191814 Malicious code in perfviewer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea912a2de677fa6d9ea6dbf9a792dace4d927efd46a5cb615ba8548fec4930e8 During installation, code downloads and starts an executable and a DLL library. After starting them, files are removed from the disk. The executable has been...
Malicious code in quicksort-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d58062fd8cad559810255c4386b2acbeda83096e2999ea1172b10d0d7af008cb Importing the module downloads and executes an executable with malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2025-191850 Malicious code in quicksort-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d58062fd8cad559810255c4386b2acbeda83096e2999ea1172b10d0d7af008cb Importing the module downloads and executes an executable with malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in db-aggregator-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aed54ed734902c1a5749b7861e2ad95cc2d8c71c78fa4b0167499f9a1b296f9f Importing the module downloads and starts an infostealer. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-191713 Malicious code in db-aggregator-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aed54ed734902c1a5749b7861e2ad95cc2d8c71c78fa4b0167499f9a1b296f9f Importing the module downloads and starts an infostealer. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in saintone (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d762a42d55901a472c7070197cef989428ecb0140acfe02c72d719d74b430436 Code downloads and starts an executable widely recognized as malware, then sends some results to a Telegram webhook. --- Category: MALICIOUS - The campaign has...
Malicious code in readosso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 67ade73536cb4834ba05b33797c1cadcddbf7d90fc099bd6e53f94b9deec4f66 Package automatically starts a Discord bot waiting for instructions to download and start a remote executable --- Category: MALICIOUS - The campaign has clearl...
MAL-2025-191852 Malicious code in readosso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 67ade73536cb4834ba05b33797c1cadcddbf7d90fc099bd6e53f94b9deec4f66 Package automatically starts a Discord bot waiting for instructions to download and start a remote executable --- Category: MALICIOUS - The campaign has clearl...
Malicious code in gtts-lts (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7cfb789704a149f7b741d0c68fcb8a32a1e189444ca36f97e435e59d04e073b8 During the execution, the package silently download and runs a JAR not related to the package job. At the time of analysis, the content was corrupted ---...