Malicious code in @mlspace/env-jupyter-server (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

Malicious code in tns-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 186bfba0931ba063bd6e71325785b97c646cbfaaf91c4dca876653673d29c0cc Package is prepared to exfiltrate environmental variables. The wording used clearly states it's part of a campaign targeting cryptocurrency users via malicious...

Malicious code in amigapythonupdater (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 46cf32631436ddacf36a4984b254c10554b4e94c6099c5012a96ec3a7c5426a1 During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...

MAL-2025-191845 Malicious code in python3-shodan (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b4fca245262ff8de532efc88e1941697e6994786e09eca8a9cbcdbf9faff5cca Packages that seem to be created by a legit bug bounty hunter. Designed to look like created by different organisations, they contain a couple of data...