22 matches found
MAL-2026-5803 Malicious code in flow-lending (npm)
Sentinel-high 9.9.9 dependency-confusion squat of an internal Cardano/DeFi lending pkg. preinstall node index.js || true auto-execs a credential exfil: harvests env secrets mnemonic/private key/token/blockfrost API key and POSTs to raw attacker C2 2.25.140.71:8443/surflending/npm-confusion. 2-pkg...
Malicious code in postinstall-logger-7x9z (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e89b603ffc718873a9d4c42167bf0c667c995cc2547bc9b99373ad4e9f0ca1e On install, package.json's postinstall hook "postinstall": "node run.js" triggers execution of bundled beacon scripts beacon15.js and beaconlinux.js...
MAL-2026-5684 Malicious code in jec (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cfd390b5ea0fe558bd7f5fd56dec8386148e58d7f8d4b6bba14f8a2aa8b6d323 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-4201 Malicious code in obs-migrate (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ecb04d891693e925c9055e0b5c5844ebb6cf8c210000e9905bf892ab7d0674d7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-3368 Malicious code in yc-depconf-test-807dff (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fe18d1e58fe7fbcd1a68dc26d47c9fa27f9678cf4bc50e3aa4ad35b16d0f85ce Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in bytedvod (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c2b90eec61e5e2a472f910011acc1e66e407b4a240e907ac74289221e1a5e83f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2546 Malicious code in hex2pcap (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e634909fd8dcb36401b0272dad2f87486457c32c1283145dfb76d402fff41c2c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in gd-auth-sso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8f23b8545f85df66640646272b028ab4db1032fcb4fd5bbd745971b3438cc4f1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2310 Malicious code in lakeflow-community-connectors (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 931d6183e0dc407fb2c14769dcebb7d1845f4af9ca0b26766d75d783b5611165 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2240 Malicious code in magtape (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6f476b63043b398a38eb28706575478aab4fb04820ce16d7836e726df21a1a93 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-842 Malicious code in amplify-python-logging (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2e12fee1c4154d81de6e4575af21aa6a760da4f5694746264a2de50e2c5782fe Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in p7zip-full (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 af6725a21a64c36ce8e101fd062bb45cb87fdb8cb62df47538390c6c1fc4323c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-766 Malicious code in greeter-pro-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 14dfc4441f09da7c2365f0bda8f0406dfbba98c6c127d94689f8acbbb0dafbed Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-97 Malicious code in robustinfer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2fd89ce9f166281f91029df8dc7595d23503a595a4baba85f1702ccf0b4e2b11 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in gptall (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d6c72f5a98f22bc22ef0ad7aef178f253ba95ebac54ba881f95762d4805f4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191741 Malicious code in google-cloud-iam-credentials (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e75faf49c379401db38883bfb490edbc74161e0d52d38f6aac38f6166645133a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191844 Malicious code in python3-autopep8 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 36e35b782ec2e15a96c4b7c9d9eb5bacbbf3ded26b6b3ee72f2f698b1622c241 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in netsec-monitor (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d53ca1631ad5169910977a710485caa2e85f057cba20a5d29bdcaeccda0cf4f9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12339 Malicious code in requests-rapidly (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f63fa6b6885f81b5660794281f53b691fe2c4556c0a3ae1ead90bcf7fda7238b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12328 Malicious code in postgresql-connector-python (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 87f55ac62324b5fc631b711e125f897d8ae10d06a9d80173463d9a5fa1915302 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...