Malicious code in mistral-search-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4f3c615d5d39af7634550be88e5630a25b7a3dbd5bd2a8717cb01f07f06a5cd2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

MAL-2026-3090 Malicious code in bytedecs (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 33034832d7823023eca4d7640030b040b26d4d5274e222bf294b7cf0be28430c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in databaserotacos (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 04d640be20e9d2ff55f7682d535f6fd56b67b50008307c2e41986d6b31d4bfa4 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-1994 Malicious code in spatialmedia (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a092215ab076cff12b7606adbc678a0340701124b7e10d747c6b8aca8d5fed7e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-699 Malicious code in tokyo-ppe-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c5907d5bd4d20875048608d41ca58ea06687c84a0c7804cc83f3c3d706ff5fe4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2024-12195 Malicious code in artifact-lab-3-package-1f7a39bc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 986e5ddc5b52149bd60f2e303abd548699bee247784d2201ea6e6814790557bf Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...

MAL-2024-12188 Malicious code in adent-core-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7df6de918146aa733c034d9906a45d312d291156e2d227ef5fcf92ae370e79aa Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

PYSEC-2022-251

The spam project on PyPI was taken over via user account compromise via a phishing attack and a new malicious release made which contained code which some environment variables and downloaded and ran malware at install time...