22 matches found
MAL-2026-3772 Malicious code in rimraf-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a59d88d733415216903578b3c3806d76405a23a7cca56ee355eb6725e4e930d4 [email protected] impersonates the widely-installed rimraf package index.js is a dummy stub that internally identifies itself as 'lodash-js — Just a...
Malicious code in cheerio-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d51a2885f4eaff732d1ef7ab065b04d21c59263b1212d5b92b92c87914ef879 cheerio-tool typosquats the popular cheerio HTML parser README claims 'Cheerio Tool utility helpers', keywords are 'lodash','utilities', and index.js...
Malicious code in timesmcplib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 da06df6b9831a400bbf6f90e6ae20c8633f5ca98f71ca4927cbc0647ec6ccb17 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
Malicious code in currenttimerlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2c8597070407b25804a26b2e7245768836031c1686a98750599ba2ce1833d4aa During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-3229 Malicious code in currenttimerlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2c8597070407b25804a26b2e7245768836031c1686a98750599ba2ce1833d4aa During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
Malicious code in currenttimerpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ccd5c81889e68b6ae8a0e8ef90b7c3a4dc447b08872ad6ac48ce94804985379d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-3225 Malicious code in as89ufnaisufn (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e21c9860ca710010b7059d9284d8e2665c8163a8f1f351782e1a30f2037ce647 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-3227 Malicious code in timingmcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c55706ce911042ace020630f65dc65015cf677b2d5a106ccd3ddba10e90f327f During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-3226 Malicious code in timesmcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 85630b024b2eb06c5002dd3ac72fa8bf4733f08d34de10bf0eca0851bf2d9f86 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-3228 Malicious code in ziugxfbvo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 257409f82e56689d4cd8ebe7ac8ae8e09203ecbd7eab311970e4bdeb7be92b05 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
Malicious code in doisomgcxog (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 78d6a043bbe150c65e0a3e7e56c69f1ff32171b70a684d512c87a2bfe0baf0b5 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
Malicious code in timenow-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 773fd03a72216bd0bb09449cddd181ae90da5d456b572592cd493bac39f356f4 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
Malicious code in timenow (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1f3a9539cc4ef3e4b515404ac4b13179d37a09923c8fd90a06f4b751ed397d9c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-3132 Malicious code in timemcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8be0be5130ca45aa72ebb49b748e71aaf6998f09229910884076b5abc6a70c39 During import, the package automatically downloads and executes code that first acts as an infostealer, and then starts code acting as a RAT. It connects with ...
Malicious code in process-support (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ba15c5dd66c6282ee21f8ee819191d6fbbbf194845ad231ac7d26856d334db70 During import, the package automatically starts code acting as a RAT. It connects with a hardcoded C2 server and waits for commands, supporting e.g. executing...
Malicious code in @langgraphjs/toolkit (npm)
Package collects and sends sensitive system info to a hardcoded server. The package masquerades as a LangGraph JS utility but contains a malicious postinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...
PYSEC-2025-5 Exfiltrates user cookies to hardcoded server endpoint during normal operations
Published in 2020, the autodzee package is a Python library that bypasses Deezer API restrictions to download music. The package was found to exfiltrate user data to a hardcoded server, which could be used for malicious purposes...
Exfiltrates user cookies to hardcoded server endpoint during normal operations
Published in 2020, the autodzee package is a Python librarythat bypasses Deezer API restrictions to download music.The package was found to exfiltrate user data to a hardcoded server,which could be used for malicious purposes...
When using the project to bypass Deezer API restrictions, project exfiltrates user data to a hardcoded server.
Published in 2019, the autodzee package is a Python librarythat bypasses Deezer API restrictions to download music.The package was found to exfiltrate user data to a hardcoded server,which could be used for malicious purposes...
PT-2025-8756 · Autodzee · Autodzee
Name of the Vulnerable Software and Affected Versions: autodzee affected versions not specified Description: The autodzee package, a Python library that bypasses Deezer API restrictions to download music, was found to exfiltrate user data to a hardcoded server. This could potentially be used for...