1080251 matches found
MAL-2026-5294 Malicious code in magique-ai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 155a3b7ed9c67010006ca571bfcd1fd23d957f4ff7ed21eec9dc6bda7cc44c9a Versions 0.4.5 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...
MAL-2026-5323 Malicious code in ppkt2synergy (PyPI)
The package ppkt2synergy version 0.1.1 contains a malicious .pth file ppkt2synergy-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an...
Malicious code in pantheon-agents (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 57f0e964aed446fe82998f13d1cbc577bff274378d980b551e4c134d093ab016 Versions 0.6.1, 0.6.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5298 Malicious code in executor-engine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 445bbd05ea0ef3e22608235bea18f26fc18aaaff2066b5512c9752ba04a6ab13 Versions 0.3.4, 0.3.5 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5300 Malicious code in funcdesc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c6f85c691f141dc4c962171ac49945286bb40e15cb8450d2f42d048a3f53bb22 Versions 0.2.2, 0.2.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in pantheon-toolsets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9c9711927907f09a0ef2b146d3aba3b8a06197b9af3f639d579015cdab7c0d5d Versions 0.5.5, 0.5.6 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in executor-engine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 445bbd05ea0ef3e22608235bea18f26fc18aaaff2066b5512c9752ba04a6ab13 Versions 0.3.4, 0.3.5 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5295 Malicious code in coolbox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5c2dc2f03691017c67f2ef9805c4974416d935298b4748b033bfb7f487ede251 Versions 0.4.1, 0.4.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in mflux-streamlit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 27ef4c7f33e59dbe037d4b212286dd08cb7b1824c28c0032eb2d91db7a2b0174 Versions 0.0.3, 0.0.4 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in synago (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bee487bb185457ca9e9d74e0963e23be3e84241a6bcd7d0bd5ca44855dd7d28b Versions 0.1.1, 0.1.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in pyphetools (PyPI)
The package pyphetools version 0.9.120 contains a malicious .pth file pyphetools-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscate...
Malicious code in langchain-core-mcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ccea64b925d1d7ce4f42ceaeeb77320244fd0c3714ed6c605428e90d42956f96 Versions 1.4.2, 1.4.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in ray-mcp-server (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eae739a0cbe63099850e15e7ed9a72efd9d840d8cf003aa8c8dae1bb4c78a716 Versions 0.2.1 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...
Malicious code in funcdesc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c6f85c691f141dc4c962171ac49945286bb40e15cb8450d2f42d048a3f53bb22 Versions 0.2.2, 0.2.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
MAL-2026-5325 Malicious code in ray-mcp-server (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eae739a0cbe63099850e15e7ed9a72efd9d840d8cf003aa8c8dae1bb4c78a716 Versions 0.2.1 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...
MAL-2026-5282 Malicious code in mrbios (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3bc0ad232af6f3dafcf2d02441531485e0b459c2659542375c62f4f7003c9e08 Versions 0.1.1, 0.1.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in ppkt2synergy (PyPI)
The package ppkt2synergy version 0.1.1 contains a malicious .pth file ppkt2synergy-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an...
Malicious code in executor-http (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4396c593615517f1abf374bf3621ad44a9d0b5c540aaf8c8e101cd4954f7d7be Versions 0.1.3, 0.1.4 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in coolbox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5c2dc2f03691017c67f2ef9805c4974416d935298b4748b033bfb7f487ede251 Versions 0.4.1, 0.4.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...
Malicious code in okite (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ec7e17ca2529781ce61d69b2d7e765c5e3e790d3ae2e2f187b006d710d7f9ed1 Versions 0.0.7, 0.0.8 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...