MAL-2026-4773 Malicious code in vlifegram (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8771013473b84f29159a80ec15ce3e9897bc69908ddfa2438845811dd276d87c VLifeGram is published under its own name on PyPI but installs into the pyrogram/ namespace and ships a Pyrogram fork at version 2.1.2.4. It adds an...

Malicious code in 7miners (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7501eb0620c75479fa4614362aaa6c5766c8cc2f3b4d8829db6a44ca086cc374 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

Malicious code in hiveos (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 632c5c53f72df87d7b0d9843df212e147e729699ffe5e7f6c20e3cd41fa13f64 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

JesterSploit

JesterSploit – Advanced WiFi Penetration Testing Framework !...

Malicious code in trustwallet (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ffef6e3541d5ab62ee32f0d44e9da05c6e495c15a4c9a9d9a4866e40ae502604 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

MAL-2026-2271 Malicious code in metamask-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d741c998a924aa720c19f13cbb622ebb5862abde8765dac7f8bb2cf1b219c3dc Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

MAL-2026-2268 Malicious code in gemini-ai-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 db2be37ea455b54b825242a3f66310fdf3f70e50b1dc1a234fa3ebb534afa857 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

CoralRaider targets victims’ data and social media accounts

Cisco Talos discovered a new threat actor were calling "CoralRaider" that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries. This group focuses on stealing victims...

DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan

The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are als...

New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers

A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control C2. "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular...