MAL-2026-2847 Malicious code in shan-lib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f30fc6910fe03c53a74048a95f90fcd38db1b5317f3a3401ceb1bb9ea24fc704 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2843 Malicious code in shan-lib-poc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f6c2f4a0560b1811eba11c9fd304f7441ab7e04f4e569e01bdfe06aba6722edb Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in xx-ent-wiki-sm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5ebf0745c51c955dbe898efb0f6b721f30dd75edc24b4ee234e8574cee3da9d3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-191697 Malicious code in caas-jupyter-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 48a472c7cfbdf9c730e06e827de93f0566895c78f6b1130ec814a31958409d94 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

`postgress` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the malicious user amaperf and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download recor...