MAL-2026-5120 Malicious code in redteam-qxz7-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 855b67c0cf1aaed6f5e0ce3a67478a20cd4244c56424002feeeb0dea1a875848 During installation, the package exfiltrates cloud tokens from the environment. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

MAL-2026-5096 Malicious code in cscc-glass-house (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 20f53888d08d0aa70146b50e8dc761373490363f9081ea0adb9fb93cfd2b6240 Package implements exfiltrating credentials from cloud environments to a hardcoded location. Some code parts suggest it may be part of a CTF. --- Category:...

MAL-2026-1138 Malicious code in fwk-amigapython-amigamlserver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5d6f09429b123469b1fc83ceb4af35c595ff4b6e2631552fc857922ca921c4c5 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...

MAL-2026-1141 Malicious code in identityapi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 45946e31faffbed940c8acb3656be0d5f25de7db36f58766cdac44a1e7d6150b During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...