38 matches found
MAL-2026-826 Malicious code in testppe-pkg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 49f139a3af58a80c706b3bc4b6c38676411528f34be00c79351705767f39eaa4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-505 Malicious code in flask-hookserver (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4d5afd1538994efa55632d3ed6d7c9fa419fb26c542b641a3efbd7b35501ea58 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-502 Malicious code in test-poc-package-for-session (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9f768feb5a11add4d0ac64d8f24777461d3586e719a57d4432711ee6aae4f112 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2026-31 Malicious code in telstra (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e6ff467569b104f23ebbdc6ef58dec14795aaf14548185bd3b31886ecd9b8003 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-192928 Malicious code in livekit-agents-hedra (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8391aaa11b2ae78ceba6cf6eea7b0671d2d21b32d838b94f4504afa13ea832ce Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in evil-py-argo-shell (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1739dfc040a7678b086f2ca5bab22249fcea3774fbf83c70a40b6427d6a847ee Package demonstrate potentially malicious execution of system commands, and seems to be used for pentesting purposes --- Category: PROBABLYPENTEST - Packages...
MAL-2025-190621 Malicious code in @eagleview/ev-mapviewer-interactions (npm)
Package is malware. It exfiltrates sensitive info, executes arbitrary code during install, and matches multiple YARA rules. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2d7da79dc7cea55b1c51c17952322ec30f3d03000a7b075252e9f74084a7a06 The package...
Malicious code in xsltproc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9038d06e907a027d385f7ef9111815ca61e7b26fce85196a549c20e02447adc4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191777 Malicious code in klsosdoids5 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9463b9f77f9d64f5acb9c6a75b2969333be89d6d850af7e75628532ff23e0641 Package simulates calling home on import and there has no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but als...
MAL-2025-191780 Malicious code in libopenblas (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c645a504ef0fcafc27968f16db25a5850a7797f3659640cf558053d89742976 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in caas-jupyter-tools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 48a472c7cfbdf9c730e06e827de93f0566895c78f6b1130ec814a31958409d94 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12282 Malicious code in handyfiles (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 381cd796d4e5fce8fb62c337374b5303e0b2466d67467efc95cbc4d7d8248dd4 During the installation, the package iterates its files and attempts to import a hidden module - which is embedded as ZIP archive in the image file --- Categor...
Malicious code in zip-me (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4ae48b0e5e3d93cee49e83f0bfa47a43f02ede60914545d0d82204c6664fde6f During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...
MAL-2024-12329 Malicious code in pwnstar-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b5a94b7cc47cb91bf552abe43f1a0d078ed5c6e668c5ff4caa8c4d9f6d14177 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
Malicious code in hello-bozzo2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 96e02710356e7f0a4dee853d165a2d18a0a4addad3a07c397e495f61f6bc92fa Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in chatgpt-aitools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 78e2fd98e1c4b97347b9ea62a0db52d71e3ab25a8e62eb8340afd4b5b5ab5d94 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2024-12267 Malicious code in example-pypi-package-loler1 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bb19218b6d780973bde55d613a16a9a637728a4d01e79d570bb3406633f0f639 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in paquete-5 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4f3a3134bb30ff4d1c08b8ab3469f769ad1a1654d39e0c3e818973063d524d75 Package uses the template from https://github.com/thegoodhackertv/malpip to explore building malicious PyPI packages. --- Category: MALICIOUS - The campaign ha...