Lucene search
K

22 matches found

OSV
OSV
added 2026/07/02 9:23 p.m.9 views

MAL-2026-6733 Malicious code in epic-build-scripts (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14d466b50466bb93e6e9130d18e67b680c7255beecafe16043dc5ee51bfec886 On import epicbuildscripts, the package's top-level init spawns a background thread that POSTs a JSON payload containing socket.gethostname, the...

6.3AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 10:9 a.m.18 views

Malicious code in bash8 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e665213ba552605420b2269888e041b8b8af4c9e8314d731a8aa246f0fefd748 Package is published as 'bash8' matching an existing PyPI bash linter but installs a top-level module named 'cacertificates' whose only content is a...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/04/29 5:28 a.m.7 views

MAL-2026-3141 Malicious code in coinmate-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c8d1f75669f5e0386a83dad52d569b6711645921989cf520b3b15c59ec26424 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/04/11 8:16 a.m.6 views

MAL-2026-2546 Malicious code in hex2pcap (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e634909fd8dcb36401b0272dad2f87486457c32c1283145dfb76d402fff41c2c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/25 5:6 a.m.8 views

Malicious code in facebookresearch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b2532cd269873dbda78f99b9e22ab736c64c48ba32fa5c27deaf173fdbf33397 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/28 11:55 a.m.9 views

Malicious code in tchap-bot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ca239020bc35efc249b5f387dc3ae473132184319b88a498ba3f7ddd9dd6dfe3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/26 10:11 a.m.12 views

Malicious code in awareness-demo-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 73d2724a4dc0c9e8d1439a29324b142a46c456e7d078ba90127777a59bf906d8 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/02/25 7:42 p.m.8 views

MAL-2026-1035 Malicious code in neural-compressor-jax (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bb1f58a45ef1a06954d1807517faea8790a771906e95a98d571587558244ea3f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/14 5:25 a.m.8 views

MAL-2024-12375 Malicious code in langraph (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4d1857013d9ca781ba7579d60e20a1ee155ced90eef1e9d99045b8797e3e18be Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/13 10:27 a.m.5 views

MAL-2026-877 Malicious code in arrayvec (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 39346af7e82bdb4aa8dca53b864258b9ffe328ea982aa3009b62b84d174ebe29 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/01 7:14 p.m.5 views

MAL-2026-621 Malicious code in base-local-planner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c0cb640a181ee8e6c31d4f0f87e8768b7a67b70174dd65794e8d980909eac8a3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/21 8:21 p.m.9 views

Malicious code in code-transfering-3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 949a505895a5dcb808074bcddc1a084d12cfadb4b999712b48e012ad455ce817 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/01/06 6:26 p.m.6 views

MAL-2026-97 Malicious code in robustinfer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2fd89ce9f166281f91029df8dc7595d23503a595a4baba85f1702ccf0b4e2b11 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
OSV
OSV
added 2026/01/01 6:40 p.m.4 views

MAL-2026-5 Malicious code in queryservice-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 92aafbccc7065760e0127931c5150c59561f3b753ab9fe79dbcbdafd1aef97dc Dependency confusion PoC that exfiltrates also potentially sensitive environment variables --- Category: MALICIOUS - The campaign has clearly malicious intent,...

7.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/09 6:38 p.m.7 views

Malicious code in ctosec-appsec-wb-xray-adapter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 33176e85f6e5dce44273ddbf5be45cf64ddd36db281b50a5868851a32fb19d0c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/04 9:59 p.m.6 views

Malicious code in dell-restore-system (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d7594f4b8ee8ab48f5529cbd92f0e9e19f708a18852d03a3e2ce395be3b9d7ec Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score
Exploits0References1
OSV
OSV
added 2025/11/19 1:6 p.m.4 views

MAL-2025-191870 Malicious code in sitoogether (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 09dd85c25ad8d35e40f8afc89c4a7f0322beb48a72db826b13c2142810460ac9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/28 10:36 p.m.6 views

Malicious code in mulaptested-pakname (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fe9ba6c7da3568c9fc879641c190c301a2bd8a349b38a44295eb2924139c78b4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score
Exploits0References1
OSV
OSV
added 2025/01/26 6:1 p.m.7 views

MAL-2025-191738 Malicious code in getpublicip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 041ba7130d1460fe6480d062c61c78db3b88cc5c6d060913d0501fdbdc7c35b0 If installed using source package, the package collects selected environment variables, including GITHUBTOKEN if set, and sends to an external service. The...

7.5AI score
Exploits0References1
OSV
OSV
added 2024/12/03 6:3 p.m.3 views

MAL-2024-12275 Malicious code in genz-translator (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 983b5b328e433d81113b3e170f313aba83ae5eff0ecd515fc9865ca3a5be1ee9 Installing the package installs a reverse shell. As the mentioned domain doesn't seem to exist, it may be a test designed for an internal usage --- Category:...

7.5AI score
Exploits0References1
Rows per page
Query Builder