MAL-2026-932 Malicious code in easyreg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2897582bf6c0c29d4fc679ee338263019a8a5d5bcb66b5ae2c59454d6c967d6a The package pretends to be a development helper but, in fact, downloads a remote executable. Dynamic analysis reveals actions like disabling Windows Defender a...

MAL-2026-933 Malicious code in pywin-simple-gui (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 43b40c0dbbbc187822a28a401194873adc73d13e531f2789c4227374f7ec9e26 The package pretends to be a development helper but, in fact, downloads a remote executable. Dynamic analysis reveals actions like disabling Windows Defender a...

"FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly

Overview "FFRI yarai" and "FFRI yarai Home and Business Edition" provided by FFRI Security, Inc. handle exceptional conditions improperly CWE-703. When the product's Windows Defender management feature is enabled, and Microsoft Defender detects some files matching specific conditions as a threat,...

GhostDelivery - This Tool Creates A Obfuscated .vbs Script To Download A Payload Hosted On A Server To %TEMP% Directory, Execute Payload And Gain Persistence

Python script to generate obfuscated .vbs script that delivers payload with persistence and windows antivirus disabling functions. Features: Downloads payload to TEMP directory and executes payload to bypass windows smart screen. Disables Defender, UAC/user account control, Defender Notifications...