Lucene search
+L

15 matches found

ossf
ossf
added 2026/06/17 9:32 p.m.15 views

Malicious code in syncagents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aebf468a6887fb09002d4ae4aceab77e347034b389b02e252844f7d0d81fabd6 The PyPI package 'syncagents' impersonates the legitimate PyPI package 'agentsync' — the README, PKG-INFO, CHANGELOG, and project URLs all point at...

5.9AI score
Exploits0References6
osv
osv
added 2026/06/17 9:32 p.m.21 views

MAL-2026-6083 Malicious code in syncagents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aebf468a6887fb09002d4ae4aceab77e347034b389b02e252844f7d0d81fabd6 The PyPI package 'syncagents' impersonates the legitimate PyPI package 'agentsync' — the README, PKG-INFO, CHANGELOG, and project URLs all point at...

5.9AI score
Exploits0References6
osv
osv
added 2026/06/08 7:54 a.m.12 views

MAL-2026-5305 Malicious code in tlask (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae87e0c65760999b8ff4e28d11505b15a71a1a46dd8d761122e3d9d8e2cd85b6 The package is published as 'tlask', a single-character edit of the widely used 'flask' package on PyPI. Metadata and module contents are copied...

6.2AI score
Exploits0References7
ossf
ossf
added 2026/06/06 6:13 a.m.18 views

Malicious code in magique-ai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4241e99d1053712e6909db44c939421695dff66556055a93058f9a55f8694929 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References6
ossf
ossf
added 2026/06/06 6:13 a.m.13 views

Malicious code in executor-engine (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fee580000475783e657a2e66ca6a4a4bd4369aa0bc9f87152b003dca6f34848 executor-engine 0.3.4 ships a malicious site-packages.pth file executorengine-setup.pth that Python's site initialization auto-executes on every...

5.9AI score
Exploits0References7
osv
osv
added 2026/06/06 6:13 a.m.13 views

MAL-2026-5285 Malicious code in ufish (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 27371fa53e0e8e5e763b18b9bcadfd9b6991c720dd154d17bffeab0e7a139ef4 Versions 0.1.2, 0.1.3 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed...

5.5AI score
Exploits0References5
osv
osv
added 2026/06/06 6:13 a.m.13 views

MAL-2026-5325 Malicious code in ray-mcp-server (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 278bed91803e9a6775f966913bab49658f82a589e086ce8413782418a4bc4833 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6.1AI score
Exploits0References5
osv
osv
added 2026/06/06 6:13 a.m.12 views

MAL-2026-5278 Malicious code in spateo-release (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21400e8510d0663de6c3a4454fe99d9200cb83ae8d1ecdc137c99f3668da4293 Versions 1.1.2 were compromised. Compromised packages start an obfuscated infostealer. The infostealer is a heavily obfuscated JavaScript code executed using B...

5.5AI score
Exploits0References5
osv
osv
added 2026/06/06 6:13 a.m.10 views

MAL-2026-5283 Malicious code in okite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cc7d54b0e30e24367551e3f19ab7387cf397cf9e1b5889c9f04ff871c771c38 The package installs okite-setup.pth, which Python auto-loads on every interpreter start. The.pth file contains a one-line obfuscated exec of a strin...

6AI score
Exploits0References7
ossf
ossf
added 2026/05/13 3:25 p.m.20 views

Malicious code in pandas-data (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 34c3e3d51b95102fd72f00c2b6c4bce7e34a801326dfbe7557f2d4346ed37508 Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...

5.8AI score
Exploits0References1
osv
osv
added 2026/05/13 3:25 p.m.16 views

MAL-2026-3661 Malicious code in pandas-data (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 34c3e3d51b95102fd72f00c2b6c4bce7e34a801326dfbe7557f2d4346ed37508 Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...

5.8AI score
Exploits0References1
osv
osv
added 2026/05/13 3:25 p.m.7 views

MAL-2026-3662 Malicious code in py-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2bd2bd26870d2cf5df73c69bca7ed9088604eccf44727e4c59f0301cc8ccd35a Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...

5.8AI score
Exploits0References1
ossf
ossf
added 2026/04/14 5:42 a.m.6 views

Malicious code in svchost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a56926028e7e253a1ffb3ba27d6514a5cbc6b23964d7e1094846a895dd322656 Code exfiltrates sensitive crypto wallet's files and sets up a keylogger trying to catch the password to the wallet --- Category: MALICIOUS - The campaign has...

5.8AI score
Exploits0References1
ossf
ossf
added 2026/04/01 5:49 p.m.6 views

Malicious code in eht-account (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7e1fa4f35985059ad18e3e325fc65e1d25a5692cc9690a4b15af2d76492b95fe Clones of a legitimate library. During processing the private key, it's getting exfiltrated. --- Category: MALICIOUS - The campaign has clearly malicious inten...

5.9AI score
Exploits0References1
ossf
ossf
added 2026/03/28 7:40 p.m.7 views

Malicious code in aiogram-photo-updater (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 62ec906fc563c8e7b6c22bb0dae1e739e6c3d8e24091105a8eafb292dae2f661 When run, the package exfiltrates files from a cryptowallet and modifies its executable placing an implant exfiltrating passphrase later. --- Category: MALICIO...

5.9AI score
Exploits0References1
Rows per page
Query Builder