MAL-2026-4291 Malicious code in pylogkt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa1c9e5bf0ffd994f076a4a76395b5bcccd2716229439910912bd49aaf52f903 The package masquerades as a logging utility but every call to its logging API log.info/debug/etc triggers Logger.log, which on macOS hosts paths...

Malicious code in pylogkt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa1c9e5bf0ffd994f076a4a76395b5bcccd2716229439910912bd49aaf52f903 The package masquerades as a logging utility but every call to its logging API log.info/debug/etc triggers Logger.log, which on macOS hosts paths...

Malicious code in pylogft (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b35cabdffc8a44bcf857b973cc7eb89b6ae691c9be8189a58a0bd30c1a55a37 On import pylogft, the package's init.py lines 26-27 checks whether the install directory begins with /Users or /Library macOS developer/CI hosts and...

MAL-2026-4253 Malicious code in pylogft (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b35cabdffc8a44bcf857b973cc7eb89b6ae691c9be8189a58a0bd30c1a55a37 On import pylogft, the package's init.py lines 26-27 checks whether the install directory begins with /Users or /Library macOS developer/CI hosts and...

Malicious code in pylogfmt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34bc39125496330ed9b38f1f6d7f06db7e150d83144f9d7e1e04552112851c4a On import pylogfmt, the package's init.py spawns a detached background subprocess subprocess.Popensys.executable, 'check.py', stdout=DEVNULL,...

MAL-2026-4231 Malicious code in pylogfmt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34bc39125496330ed9b38f1f6d7f06db7e150d83144f9d7e1e04552112851c4a On import pylogfmt, the package's init.py spawns a detached background subprocess subprocess.Popensys.executable, 'check.py', stdout=DEVNULL,...

MAL-2026-4227 Malicious code in lognest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 481f45cde243009853b52b584fb6a1af2eae31e637912c8b78f18a8d7ee0d9d0 On import lognest, the package's init.py spawns a detached background subprocess running a sibling check.py lognest/init.py:25...

Malicious code in lognest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 481f45cde243009853b52b584fb6a1af2eae31e637912c8b78f18a8d7ee0d9d0 On import lognest, the package's init.py spawns a detached background subprocess running a sibling check.py lognest/init.py:25...