MAL-2026-4810 Malicious code in binproto (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 72de81f36a15d75d302ca94b378c3e5025b6d0cb2d24360d06527130ed053ebd When using the provided functionality, the code silently downloads and executes a malicious executable. --- Category: MALICIOUS - The campaign has clearly...

Malicious code in fastapi-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e414a858711540d25b63ced50114d396e150157b65a70056beccc38948a4199 The package clones a legitimate library and contains hidden code that executes remote scripts. During the analysis, the remote code was no longer available ---...

Malicious code in ultrafasttelethon (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 73a960b0cd2d21f8bde61f22f956a4c2a02ccddd9e1277eef23d3d8e0406cba4 Clone of Telethon package that exfiltrates credentials. See client/telegrambaseclient.py L608-626 exfiltration function and client/auth.py L163 usage. ---...

Malicious code in fastertelethon (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3ccfc281c2541df7e1354e6de8c64624fdc75dcc229d33962b171b0a95087edf Clone of Telethon package that exfiltrates credentials. See client/telegrambaseclient.py L608-626 exfiltration function and client/auth.py L163 usage. ---...