Lucene search
+L

273 matches found

OSV
OSV
added 2026/03/06 11:34 a.m.4 views

MAL-2026-1262 Malicious code in fastapis-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 69baeb910fc47c2e92e2a25cb1db7b5148b4773d193f15aecef4d708f69b1f6d The package clones a legitimate library and contains hidden code that executes remote scripts. During the analysis, the remote code was no longer available ---...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/19 11:44 p.m.9 views

Malicious code in ethrpc-accounts (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6372ce82342ae30022a83501fc348d1c63ec3cb27b19dba0678430efdfeeb077 This package is a clone of legitimate eth-accounts. The malicious code is hidden in the dependency, ethrpc-keys, which exfiltrates private keys. --- Category:...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.8 views

MiracleLinux 8 : kernel-4.18.0-553.77.1.el8_10 (AXSA:2025-10931:75)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10931:75 advisory. kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: netsched: hfsc: Fix a UAF vulnerability in class handling...

7.8CVSS7.3AI score0.00192EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/06 6:47 p.m.14 views

Malicious code in testingpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 577f9c1cdb7d3ef0e010cc9e292142a11f3a84a9f1ed42f238a920e7e9617b35 Package clones a legitimate library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious executable in...

7.6AI score
Exploits0References4
OSV
OSV
added 2026/01/05 5:36 p.m.5 views

MAL-2026-55 Malicious code in lium-io-gztensor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2f87521be2fb53979b969dc362d41bfcf6c9f860f8d6517a76889a81dedc06a1 This is a typosquatting/dependency confusion package that is part of a campaign embedding malicious code but was found before the malicious code was injected...

7.4AI score
Exploits0References4
OSV
OSV
added 2026/01/05 5:34 p.m.5 views

MAL-2026-54 Malicious code in lium-4-96 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f30524e8a9ff2b7c5b43b57ea582beeba9d8f94da4097ecd572d26b4177e6626 This is a typosquatting/dependency confusion package that is part of a campaign embedding malicious code but was found before the malicious code was injected...

7.4AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/05 5:33 p.m.11 views

Malicious code in async-substrate-interface-upgrade (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f97af1701ef4cd3f9c0a8bf1f8245a4291ac3b704b9149972b27a6dd9966428 This is a typosquatting/dependency confusion package that is part of a campaign embedding malicious code but was found before the malicious code was injected...

7.5AI score
Exploits0References4
OSV
OSV
added 2026/01/05 5:29 p.m.5 views

MAL-2026-52 Malicious code in celium-collateral-upgrade (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 adea9a91926d593420b0d9d07dd66bc5656bb42bf3735074a3f33533800a79dc This is a typosquatting/dependency confusion package that is part of a campaign embedding malicious code but was found before the malicious code was injected...

7.4AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/05 5:11 p.m.9 views

Malicious code in gztensor-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6010189e23e54782200df770b6e40ed7e37284779c25f28cd145aadd9ee8b623 Package clones a legitimate library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious executable in...

7.6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/29 10:4 a.m.9 views

Malicious code in smtmlib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e871336d0effe99cb62efeda3a287186e75c1bd4ca5770efd81718db8ababe4e Malicious copy of a standard library module that during class initialization downloads and executes remote code and after that attempts to cover its tracks by...

7.6AI score
Exploits0References2
OSV
OSV
added 2025/12/22 5:15 p.m.5 views

MAL-2025-192690 Malicious code in smtrlib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2c1075f7c4373ccaac9936bfd75a22a27f0c9ba06a5402a68a45fe8121f58783 Malicious copy of a standard library module that during class initialization downloads and executes remote code and after that attempts to cover its tracks by...

7.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/15 3:24 p.m.13 views

Malicious code in smtblib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 15a295f1d98fcbbdd6a077bc3a849966ca3f73919c0d47e58948ff382481e5b6 Malicious copy of a standard library module that during class initialization downloads and executes remote code and after that attempts to cover its tracks by...

7.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/10 8:44 a.m.7 views

Malicious code in bigpyx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7a1bcd636394f1505534cf691576b00e8686aa14474e8a209c94f8213310b128 Continuation of the campaign with a slight different obfuscation of the malicious code, but there seems to be no difference in the behavior. The malicious code...

7.2AI score
Exploits0References2
OSV
OSV
added 2025/12/10 8:44 a.m.14 views

MAL-2025-192430 Malicious code in bigpyx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7a1bcd636394f1505534cf691576b00e8686aa14474e8a209c94f8213310b128 Continuation of the campaign with a slight different obfuscation of the malicious code, but there seems to be no difference in the behavior. The malicious code...

7.1AI score
Exploits0References2
OSV
OSV
added 2025/12/09 4:32 p.m.8 views

MAL-2025-192391 Malicious code in bignum (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 251c8009e3a70f8c3a3a8283dc7f2b603838ec892d7773f0b4886122ff0d97c5 In this incarnation, the package is no longer a clone of networkx, but continues to use the same technique to run secretly remote code and cover tracks ---...

7.5AI score
Exploits0References2
OSV
OSV
added 2025/12/08 2:14 p.m.10 views

MAL-2025-192376 Malicious code in graphnode (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 981903800087e4528bba3ec6bb841e810feaedfa490e7f078fcac9c9d663e4ce This is a malicious copy of the networkx package. It contains an obfuscated script that downloads and runs further scripts from one of multiple locations, and...

7.2AI score
Exploits0References2
OSV
OSV
added 2025/12/07 12:40 a.m.5 views

MAL-2025-192364 Malicious code in blank-lib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 96f1bcd77950a6cd42af11d0d4fb4ba3d58349cfde6236027341c044e152bfeb This is an infostealer, based on Blank Grabber. It's used as dependency in other malicious packages --- Category: MALICIOUS - The campaign has clearly maliciou...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 6:30 p.m.6 views

Malicious code in jsonschemex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21f678f82847db32c68ab5a95a827f755d13b5d4cd371667eb584f25ed28ed01 Malicious clone of a legitimate package with hidden code that downloads the next stage scripts. Analysed payloads had just exfiltrated basic infos --- Category...

7.3AI score
Exploits0References1
OSV
OSV
added 2025/11/23 12:42 a.m.3 views

MAL-2025-191758 Malicious code in hexdecnet (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4ca5c3aa5b553fffaca36241e0e3a6144c9b661b9e0cb77fd93ae34fc6b1ed7e Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/14 7:58 a.m.6 views

Malicious code in hexadec (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f9d0ae8ccf24a6f5bfc3a0d5e39a983576d6edb2c64d9fe31fcb758236a4aa25 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

6.9AI score
Exploits0References2
Rows per page
Query Builder