33 matches found
MAL-2026-1097 Malicious code in botbooster (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0ac97422a8ea78df8c5538d0dbada7aad5720510773f1855cf5e4b5a9cbc56cb When using the provided function, code exfiltrates the sensitive token from local settings.json to the hardcoded location. --- Category: MALICIOUS - The campai...
MAL-2026-1089 Malicious code in randomstringgen (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9fc95ea566ad1938f7f75123eee2d8b3365bf55f06d7aa8a5f569f5e4c696132 Using the provided function results in exfiltrating the current running file likely the user's script to the hardcoded location. --- Category: MALICIOUS - The...
Malicious code in b10connoisseur (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3b004210d186f2b625699f4d863f3ba95407f836eadfee0168be63f85124b5b7 During installation, package attempts to enumerate the environment and exfiltrates potentially sensitive data to a hardcoded location. --- Category: MALICIOUS ...
MAL-2026-870 Malicious code in b10connoisseur (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3b004210d186f2b625699f4d863f3ba95407f836eadfee0168be63f85124b5b7 During installation, package attempts to enumerate the environment and exfiltrates potentially sensitive data to a hardcoded location. --- Category: MALICIOUS ...
Malicious code in aiogram-types-v3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f6ba04e944f1dfda1aaa2d571fa79cd8ce4074a106bae228e582473226810baf During installation or importing the module, the package starts a reverse shell to hardcoded locatiom --- Category: MALICIOUS - The campaign has clearly...
Malicious code in aiogram-3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3d8dac0d1eb98dbfc0fe46cabeadb550699f5e41b5d033ded073f7572f450bf7 During installation or importing the module, the package starts a reverse shell to hardcoded locatiom --- Category: MALICIOUS - The campaign has clearly...
Malicious code in aiogram-sever-patch (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0be41c08090971a10e54930628353748c82ed55c0f9795b26a932f806852fd4f During installation or importing the module, the package starts a reverse shell to hardcoded locatiom --- Category: MALICIOUS - The campaign has clearly...
Malicious code in discordhelper-ecr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 689b1c190dc23f0188a57cac218b8dd66c56ecb77478d9bdac584a8cd111bb9b Package exftrates discord credentials to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-191719 Malicious code in discordhelper-ecr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 689b1c190dc23f0188a57cac218b8dd66c56ecb77478d9bdac584a8cd111bb9b Package exftrates discord credentials to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in mcp-runcmd-server (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2e5608c421ba44a3a2e20b924bd3399d6452dba66e7aea10a0fcdc8044f5a996 Package starts a reverse shell to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-191788 Malicious code in mcp-runcmd-server (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2e5608c421ba44a3a2e20b924bd3399d6452dba66e7aea10a0fcdc8044f5a996 Package starts a reverse shell to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
CVE-2020-15731
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448...
Input validation
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448...