Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2026/05/01 2:25 p.m.0 views

MAL-2026-3214 Malicious code in renderkitcore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a66bf58bff553ec613604164eb60adcb89fcde468491b746838a6e2c18b0e3a0 Package is prepared to exfiltrate .log and .txt files to the target already associated with exfiltrating sensitive data. --- Category: MALICIOUS - The campaign...

5.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/04/29 11:10 p.m.3 views

Malicious code in ro-db (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2bd23f786275f7f9939deab001c8b06daaba21ad7dcb861fd6bb9cdd2e3d830c During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

5.7AI score
Exploits0References9
OSV
OSVadded 2026/04/13 10:3 p.m.2 views

MAL-2026-2625 Malicious code in robase-install (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e1076baa8ca4cabd7ae4b1caafa04658a6f7a1c80f52d25de958412ec5d11661 The package is part of a malicious campaign, but was removed before the malicious code got embedded inside. --- Category: MALICIOUS - The campaign has clearly...

6AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/12 4:29 a.m.2 views

Malicious code in dependencies-rimraf-orbit-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da8dbdb8fb598ace85ab132ab2e8e249b3b8f37c34607f4a50808f231b4d761e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSVadded 2025/04/20 12:5 p.m.2 views

MAL-2025-191831 Malicious code in pyapiepo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 69aee56f4c3bce704bc65574959aee0226417e4d6a6e05e662d6fa235c12815f Campaign is split into multiple packages that altogether exfiltrates data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

7AI score
Exploits0References1
OSV
OSVadded 2025/02/25 6:18 p.m.2 views

MAL-2025-191687 Malicious code in awscloud-clients-core (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e27bf5713a8bafdbcc34c43b98cc4d5e9c5d03e4952f788b12ff9749081b22d2 This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...

7.2AI score
Exploits0References4
Rows per page
Query Builder