Malicious code in pubsub2inbox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bf686448f618fa764676453e2c0b7436f7c50c2043cc2734d2fcc142fb86f951 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in simple-text-parser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 028015ffba2e58b87cbc6405ccb9358c194b81fafea44e7359587509510d4027 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

MAL-2026-905 Malicious code in marshmellows (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 92a41b4a9b9f5733eae9cfa5ca9c6802d52d803a1835820ee5098f58419fc18e Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in pandaai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 df1ebe5561b29a204a7e66d7c192f0f6e3814311636ca14cdeffe47b8f812810 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

MAL-2026-867 Malicious code in pandaai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 df1ebe5561b29a204a7e66d7c192f0f6e3814311636ca14cdeffe47b8f812810 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in rzr-home (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 14fb9c76cd89c8c46f6d961d450c57fcc5f454cd3ce67a53a1868ba36f66fec1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in vllm-plugins (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4fa0706d497278a502d158c89d51645a6f4e8187ca325aacaa59facccf542a03 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

MAL-2026-826 Malicious code in testppe-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 49f139a3af58a80c706b3bc4b6c38676411528f34be00c79351705767f39eaa4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-505 Malicious code in flask-hookserver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4d5afd1538994efa55632d3ed6d7c9fa419fb26c542b641a3efbd7b35501ea58 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-502 Malicious code in test-poc-package-for-session (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f768feb5a11add4d0ac64d8f24777461d3586e719a57d4432711ee6aae4f112 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

MAL-2026-31 Malicious code in telstra (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e6ff467569b104f23ebbdc6ef58dec14795aaf14548185bd3b31886ecd9b8003 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-192928 Malicious code in livekit-agents-hedra (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8391aaa11b2ae78ceba6cf6eea7b0671d2d21b32d838b94f4504afa13ea832ce Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in evil-py-argo-shell (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1739dfc040a7678b086f2ca5bab22249fcea3774fbf83c70a40b6427d6a847ee Package demonstrate potentially malicious execution of system commands, and seems to be used for pentesting purposes --- Category: PROBABLYPENTEST - Packages...

MAL-2025-190621 Malicious code in @eagleview/ev-mapviewer-interactions (npm)

Package is malware. It exfiltrates sensitive info, executes arbitrary code during install, and matches multiple YARA rules. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2d7da79dc7cea55b1c51c17952322ec30f3d03000a7b075252e9f74084a7a06 The package...

Malicious code in xsltproc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9038d06e907a027d385f7ef9111815ca61e7b26fce85196a549c20e02447adc4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-191777 Malicious code in klsosdoids5 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9463b9f77f9d64f5acb9c6a75b2969333be89d6d850af7e75628532ff23e0641 Package simulates calling home on import and there has no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but als...

MAL-2025-191780 Malicious code in libopenblas (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4c645a504ef0fcafc27968f16db25a5850a7797f3659640cf558053d89742976 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in caas-jupyter-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 48a472c7cfbdf9c730e06e827de93f0566895c78f6b1130ec814a31958409d94 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2024-12282 Malicious code in handyfiles (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 381cd796d4e5fce8fb62c337374b5303e0b2466d67467efc95cbc4d7d8248dd4 During the installation, the package iterates its files and attempts to import a hidden module - which is embedded as ZIP archive in the image file --- Categor...

Malicious code in zip-me (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4ae48b0e5e3d93cee49e83f0bfa47a43f02ede60914545d0d82204c6664fde6f During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...