cafe-release (=0.1.3), cellist (>=1.0.0 <=1.1.1) +5 more potentially affected by unknown CVE via dynamo-release (>=1.4.0 <=1.5.3)

dynamo-release PYPI version =1.4.0, =1.0.0, =0.1.7, =1.0.0, =1.1.1 Source cves: unknown CVE Source advisory: SNYK:PYTHON-DYNAMORELEASE-17220136...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that has affected numerous packages across open source ecosystems. The malicio...

Malicious code in dynamo-release (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4e35bea632f7363e7a1cc6ccbfb9227eca2c4720b0a689edc1bc3ce64c9d85c Versions 1.5.4 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...