Malicious code in mistral-evals (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f79806b5d197ed3b6beeedfb7092ad6da36d1d186ad57dc12be0b030c63726c9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in workingitmehelpit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e553fe0eea72dc43eab2696330acd6fbb3e4de8c95529eab6298411620c0c9f Package installs malware identified as a backdoor or reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

MAL-2026-3664 Malicious code in workingitmehelpit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e553fe0eea72dc43eab2696330acd6fbb3e4de8c95529eab6298411620c0c9f Package installs malware identified as a backdoor or reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

MAL-2026-3332 Malicious code in rogiant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f7e1dc50782abed477c5013c8a732e952d747ffa770f399571ff468699b8f3 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2563 Malicious code in robase-installer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1edd96cface7dcae9f445d94982ffc19a27e557fae7030e77e6e5646dfdd5c98 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in databasenaps (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4e63193532e90f42a370f4171248ffa344728b4699ba6615fbf61c0e7c9e1366 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in databasetapes (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d859d21aa59dfad2efc5c2f98253cd1cc808621fb3b7525037c104324e27dfe8 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in pycolorlib3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 22c84d1bcfac7d68fb2db1c9610d281372db5e2ef93edb1a90903c6a6b772e6c During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in klsosdoids2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d72d2891383419bc38738c4c3be786e31a5000e46d5b3064bacf11561ad69af8 Package simulates malicious activity during installation and has no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest package...

CVE-2025-54313

CVE-2025-54313 refers to eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 which contain embedded malicious code用于 supply-chain compromise. The description states that installing an affected package executes a malicious install.js that launches node-gyp.dll malware on Windows. Connected IB...