9 matches found
Malicious code in bitrix24-tasks-mcp-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bab6892c4cbccd8f2a92bfc67413a5c5c300a691b104e064f126805e66a3842f build/bitrix24/client.js line 6-7 declares const BITRIX24WEBHOOKURL = process.env.BITRIX24WEBHOOKURL ||...
Malicious code in transaction-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c1efc9cf33a18e7f3c4294c39aabadf136974e4e2ee56c874ba337ac609c6b77 The only thing the package does is send out all the given data about a cryptocurrency transaction, including the private key, to a hardcoded webhook. Feedback...
MAL-2025-191909 Malicious code in transaction-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c1efc9cf33a18e7f3c4294c39aabadf136974e4e2ee56c874ba337ac609c6b77 The only thing the package does is send out all the given data about a cryptocurrency transaction, including the private key, to a hardcoded webhook. Feedback...
Malicious code in discord-token-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 44f591d196b048c4cad8da1cc1399681e22a2d5786fb212fda7c920aed8c2b07 osint packages promise to be OSINT tool, however, when providing the username to search for, the package attempts to exfiltrate Discord tokens from the user. T...
MAL-2024-12257 Malicious code in discord-token-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 44f591d196b048c4cad8da1cc1399681e22a2d5786fb212fda7c920aed8c2b07 osint packages promise to be OSINT tool, however, when providing the username to search for, the package attempts to exfiltrate Discord tokens from the user. T...
Malicious code in osint-tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 10a834a37294b0f3aaf52345444f8c5c2a15dde780c8342446c53ecc05d623c0 osint packages promise to be OSINT tool, however, when providing the username to search for, the package attempts to exfiltrate Discord tokens from the user. T...
MAL-2024-12320 Malicious code in osint-tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 10a834a37294b0f3aaf52345444f8c5c2a15dde780c8342446c53ecc05d623c0 osint packages promise to be OSINT tool, however, when providing the username to search for, the package attempts to exfiltrate Discord tokens from the user. T...
Malicious code in mennort (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a18b704aee3dd3fa8d54027bbe2d6634696fcffaf194410e38fb5318d0d2a534 Package sends out the data to a hardcoded webhook. However, it's clearly said in the description, thus - not really malicious. --- Category: PROBABLYPENTEST -...
MAL-2024-12305 Malicious code in mennort (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a18b704aee3dd3fa8d54027bbe2d6634696fcffaf194410e38fb5318d0d2a534 Package sends out the data to a hardcoded webhook. However, it's clearly said in the description, thus - not really malicious. --- Category: PROBABLYPENTEST -...