Malicious code in stringhelp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 614fb208fe0dce0e336281a07696b97a699937b1cb5d6167e6d126e8693b7ae6 The package exfiltrates Discord tokens to a hardcoded location. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaig...

MAL-2026-2854 Malicious code in stringhelp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 614fb208fe0dce0e336281a07696b97a699937b1cb5d6167e6d126e8693b7ae6 The package exfiltrates Discord tokens to a hardcoded location. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaig...

Malicious code in pyclogger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b43b78466684583bb9a90ced072406566a033523e3b0d2b9032a4dae763ac84c Package contains an infostealer exfiltrating Discord tokens and saved browser credentials to a hardcoded location. --- Category: MALICIOUS - The campaign has...

MAL-2026-1099 Malicious code in pyclogger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b43b78466684583bb9a90ced072406566a033523e3b0d2b9032a4dae763ac84c Package contains an infostealer exfiltrating Discord tokens and saved browser credentials to a hardcoded location. --- Category: MALICIOUS - The campaign has...

Malicious code in socketxio (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0ebdf2a14543a49aa2f1b1fdeb5a713a43da8326a370249ca370d9023283fb31 Using the provided function results in exfiltrating Discord tokens to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent,...

MAL-2026-1084 Malicious code in socketxio (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0ebdf2a14543a49aa2f1b1fdeb5a713a43da8326a370249ca370d9023283fb31 Using the provided function results in exfiltrating Discord tokens to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent,...

CVE-2026-26326

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, skills.status could disclose secrets to operator.read clients by returning raw resolved config values in configChecks for skill requires.config paths. Version 2026.2.14 stops including raw resolved config values in requirement check...

CVE-2026-26326

CVE-2026-26326 affects the OpenClaw OpenClaw AI assistant. Before version 2026.2.14, the function skills.status could disclose secrets to operator.read clients by returning raw resolved config values in configChecks for requires.config paths. The fix in 2026.2.14 stops including raw resolved conf...

Malicious code in questpro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be333f6f44c50eba4d7a7c11754e048bdc2ed092ae58cee1e88cb24225d4d151 When using the package, user's Discord tokens are silently exfiltrated. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

MAL-2026-936 Malicious code in questpro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be333f6f44c50eba4d7a7c11754e048bdc2ed092ae58cee1e88cb24225d4d151 When using the package, user's Discord tokens are silently exfiltrated. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

Cybersecurity researchers have disclosed details of a new Python-based information stealer called VVS Stealer also styled as VVS $tealer that's capable of harvesting Discord credentials and tokens. The stealer is said to have been on sale on Telegram as far back as April 2025, according to a repo...

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

Cybersecurity researchers have disclosed details of an active phishing campaign that's targeting a wide range of sectors in Russia with phishing emails that deliver Phantom Stealer via malicious ISO optical disc images. The activity, codenamed Operation MoneyMount-ISO by Seqrite Labs, has primari...

MAL-2025-191941 Malicious code in zakuraweb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 aa544044c8a113eb904f97650e8132de793d3bab5a7328a3714495e3f6a2283e Importing the module starts exfiltrating Discord tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Malicious code in zakuraweb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 aa544044c8a113eb904f97650e8132de793d3bab5a7328a3714495e3f6a2283e Importing the module starts exfiltrating Discord tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2025-191795 Malicious code in morosint (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2118ab70535d0272c108e5a454745ae83d10cd3421d5989984ab961b348367b5 Importing the module starts exfiltrating Discord tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Malicious code in morosint (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2118ab70535d0272c108e5a454745ae83d10cd3421d5989984ab961b348367b5 Importing the module starts exfiltrating Discord tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

New Shuyal Stealer Targets 17 Web Browsers for Login Data and Discord Tokens

Researchers warn of Shuyal Stealer, malware that gathers browser logins, system details, and Discord tokens, then erases evidence via Telegram...

MAL-2024-12257 Malicious code in discord-token-lib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 44f591d196b048c4cad8da1cc1399681e22a2d5786fb212fda7c920aed8c2b07 osint packages promise to be OSINT tool, however, when providing the username to search for, the package attempts to exfiltrate Discord tokens from the user. T...

Malicious code in osint-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 10a834a37294b0f3aaf52345444f8c5c2a15dde780c8342446c53ecc05d623c0 osint packages promise to be OSINT tool, however, when providing the username to search for, the package attempts to exfiltrate Discord tokens from the user. T...

MAL-2024-12320 Malicious code in osint-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 10a834a37294b0f3aaf52345444f8c5c2a15dde780c8342446c53ecc05d623c0 osint packages promise to be OSINT tool, however, when providing the username to search for, the package attempts to exfiltrate Discord tokens from the user. T...