GHSA-486G-47CC-8WXF aiocpa contains credential harvesting code

aiocpa is a user-facing library for generating color gradients of text. Version 0.1.13 introduced obfuscated, malicious code targeting Crypto Pay users, forwarding client credentials to a remote Telegram bot. All versions have been removed from PyPI...

aiocpa contains credential harvesting code

aiocpa is a user-facing library for generating color gradients of text. Version 0.1.13 introduced obfuscated, malicious code targeting Crypto Pay users, forwarding client credentials to a remote Telegram bot. All versions have been removed from PyPI...

PYSEC-2024-152 aiocpa 0.1.13 contains credential harvesting code

aiocpa is a user-facing library for generating color gradients of text. Version 0.1.13 introduced obfuscated, malicious code targeting Crypto Pay users, forwarding client credentials to a remote Telegram bot. All versions have been removed from PyPI...

PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot

The administrators of the Python Package Index PyPI repository have quarantined the package "aiocpa " following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The...

PT-2024-40899 · Pypi · Aiocpa

Name of the Vulnerable Software and Affected Versions: aiocpa versions prior to the removal from PyPI Description: The issue concerns a user-facing library used for generating color gradients of text. It was discovered that version 0.1.13 introduced obfuscated, malicious code. This code targets...