38 matches found
Malicious code in lib-1779997093-yjeeqn (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 adfe3f8b85f731f407f8da6669a76b821b042e4ea1f2fd8fcfddf3293c2ca697 During installation, the package opens a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in @loans/vehicles-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23e2b702fc2de01ebe69a6d2baa4766782db91842f096c04b4b5d019105cd91b @loans/vehicles-api is a dependency-confusion package targeting an internal @loans npm scope claimed homepage docs.loans.io, README directs users to ...
Malicious code in @nutui/nutui-react-taro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71ad42f4bfd953311c2d69f622cc6e8d5193a8852ac0bbc9ea0781ac6b651390 The package's postinstall.js invokes execSync'npm-usage-stats disable' and execSync'npm-usage-stats', stdio: 'inherit' . The npm-usage-stats bin is...
Malicious code in @web-3d-tool/sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1e96a726cf0732113215b2026a7a59fc6bf471f86d34153fea3a0e32b275fb5 @web-3d-tool/sdk is a near-empty package trivial 35-byte index.js, empty author/description metadata whose only effect on install is to pull in a...
Malicious code in runtime-vitals (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f5e056ef78ad47697156c0dce0819370ffc74bb450e226bfb2bf934651b5836b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in bytedclaw (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 222fec842fbce5c57d9ab98166abc5a0b555076048a153f00dd34b7a1ceec072 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-3088 Malicious code in bytedbackground (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ab2e307770a6b144edad3254d316375ed3cdad0a56f21438b28bcc0f1a17fcb9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2852 Malicious code in aet-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cf718588332bb7bfa01fcad3d6c7ece7d3a2e075b036201a74c38bcab78c17e9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2847 Malicious code in shan-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f30fc6910fe03c53a74048a95f90fcd38db1b5317f3a3401ceb1bb9ea24fc704 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in buildenv-telemetry (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e56999171c1a81c357cd2b0847497fac643313bd0252be55a1d03cd40be48c1d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in ixosmonitoring (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cfca4d7a38a0805f56b3bddcef1b421a8584a4d52df7a1a22676369679347bf5 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in sentry-filter-forks (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ed033104f960de0ad156fa893787d61423bed78d98f2b8fcf77860bf9a493900 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in spatialmedia (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a092215ab076cff12b7606adbc678a0340701124b7e10d747c6b8aca8d5fed7e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in pubsub2inbox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bf686448f618fa764676453e2c0b7436f7c50c2043cc2734d2fcc142fb86f951 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in simple-text-parser (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 028015ffba2e58b87cbc6405ccb9358c194b81fafea44e7359587509510d4027 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2026-905 Malicious code in marshmellows (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 92a41b4a9b9f5733eae9cfa5ca9c6802d52d803a1835820ee5098f58419fc18e Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...
MAL-2026-867 Malicious code in pandaai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 df1ebe5561b29a204a7e66d7c192f0f6e3814311636ca14cdeffe47b8f812810 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...
Malicious code in pandaai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 df1ebe5561b29a204a7e66d7c192f0f6e3814311636ca14cdeffe47b8f812810 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...
Malicious code in rzr-home (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 14fb9c76cd89c8c46f6d961d450c57fcc5f454cd3ce67a53a1868ba36f66fec1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in vllm-plugins (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4fa0706d497278a502d158c89d51645a6f4e8187ca325aacaa59facccf542a03 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...