MAL-2026-1989 Malicious code in init2winit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7eb9b716534151a8d16432102f52af1e6f61f9701b86efba4294cdc0e18ceaea Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in do-not-install-this-package-004 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 155862095ddb7d3410298aef76abdda3e7eeaf5609b72f97c30790c317b8d1cb During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...

MAL-2026-1436 Malicious code in do-not-install-this-package-004 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 155862095ddb7d3410298aef76abdda3e7eeaf5609b72f97c30790c317b8d1cb During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...

MAL-2026-1296 Malicious code in bpsm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5dfe0d38862649d74eb0c306f047d854004293223eae7cfa7f4fc82c9370bd96 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-1278 Malicious code in chat-xdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e1f6d17089af4d8a0d8ab4b5ab9398a250b54d8d605c178080a7f275a6ab4687 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in prateek-yadav23 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e73aa57c13235ec4d3bcf7aa6139bb5a1bdbade9d72ae81a20c291766b9ac7ab Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

Malicious code in home-robot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f5296b22d674fc768fb08662c83b8de3fd07455f6fc2d4f7b433319551cb808e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2024-12374 Malicious code in ci-metadata-python-logging (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b2ec44231abe88a238f040c6ed291532c456a0f07e91b5966a76b5262526672d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-842 Malicious code in amplify-python-logging (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2e12fee1c4154d81de6e4575af21aa6a760da4f5694746264a2de50e2c5782fe Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-844 Malicious code in vllm-plugins (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4fa0706d497278a502d158c89d51645a6f4e8187ca325aacaa59facccf542a03 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

Malicious code in thecorrectjames (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 53ae167216303d3e0d2eda2b5321b60fc5bf9431e16ae0caa507123ba45661a1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-817 Malicious code in ctf-pipline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 083eedb7c9187410d3470ab27415ee2e6a7683ef92bafce123198ce9882e07a4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-810 Malicious code in thread-pipeline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2d7de9849aa6d6194b8d6fdf574c6c56c3de7cb75ad338f2428fc7f1374e4280 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-766 Malicious code in greeter-pro-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 14dfc4441f09da7c2365f0bda8f0406dfbba98c6c127d94689f8acbbb0dafbed Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-739 Malicious code in test-for-ppe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 11b30802efbc46f73d07dbb7b80490e86a7799e4a3abe24b128631de15ad41b1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in pipeline-poision-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9de6153f538cb8ccedf00f0f944128afb45f14522913cf398754fc4021f47e3e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2026-1665 Command Injection in nvm via NVM_AUTH_HEADER in wget code path

A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...

EUVD-2026-5014

A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...

Malicious code in flask-hookserver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4d5afd1538994efa55632d3ed6d7c9fa419fb26c542b641a3efbd7b35501ea58 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-504 Malicious code in researchpoc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 20a5e6f7ec432b0c41646f696c530fb5e46e034477a23d448de1ac3f18172bec Package mentions being a research PoC, probably for dependency confusion, but the code is obfuscated making verification of the claim impossible. --- Category:...