50 matches found
Malicious code in mistral-workflows-plugins-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e87825efe9006ca3d435869b276f0d8526a1255ec71ac6e7aa0ea1bb068b6673 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Malicious code in textwrap-ext (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 da4e8d5daae9a14e0ceb5a942afd308068957ec655cdd950b2b041934e9ec182 During installation, obfuscated code exfiltrates cryptocurrency wallet data to a hardcoded location and places a backdoor through a new authorized SSH key...
MAL-2026-3408 Malicious code in textwrap-ext (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 da4e8d5daae9a14e0ceb5a942afd308068957ec655cdd950b2b041934e9ec182 During installation, obfuscated code exfiltrates cryptocurrency wallet data to a hardcoded location and places a backdoor through a new authorized SSH key...
Malicious code in textwrap-toolkit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 029e190fc99763d65a096339b29fa85aeb0a23c3818a632a2dd4dc99f3e8fd64 During installation, obfuscated code exfiltrates cryptocurrency wallet data to a hardcoded location and places a backdoor through a new authorized SSH key...
Malicious code in runtime-readout (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 db23da97c424ee374983aaaa3b955d423abe32f91c024f372142dc234ae522d3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in st-payment (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5bcf8605142a71ab3977537d339f48dfc102fcb49ce37c8f6b74c6b8af38988d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in chaostoolkit-turbulence (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0d12e5d6a53ae410fe90d76b8da4f9f117a8891e73a678c5b5f49059ad31fa6b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2240 Malicious code in magtape (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6f476b63043b398a38eb28706575478aab4fb04820ce16d7836e726df21a1a93 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1285 Malicious code in demozecox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b32c6e6d2566a58b9a104d162c060982bff488fa547fb706c43553d0b7185ccb Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in p7zip-full (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 af6725a21a64c36ce8e101fd062bb45cb87fdb8cb62df47538390c6c1fc4323c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-248 Malicious code in dify-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a40038bb1837e98127f2e267d1932d1eeb641c93e855c50af9aa25002e28c76b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191812 Malicious code in peptest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1230d903d5782f1a6d2d779ada368260f2c32d9e4f74bfd3ddd8f4df9c570572 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2025-8108
An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the...
CVE-2025-5452
A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to potential privilege escalation of the malicious ACAP application. This vulnerability can only be exploited if the Axis device is configured to allow the...
CVE-2025-6298
CVE-2025-6298 affects Axis devices running ACAP, where improper input validation during ACAP installation can allow elevation of privileges. The issue only applies if the device is configured to permit unsigned ACAP applications and a user installs a malicious ACAP package. The CVSS 3.1 base metr...
Malicious code in huzzleup (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 96519e802e0761cc6f22ffc2dde7aee04fc6806f5831c1e98c15512792a3cd1d Package simulates malicious activity during installation and has no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest package...
EUVD-2020-27590
Malware in sbrugna...
Malicious code in gnosis-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 42112b8b2e7c96d9c3a5a188bebf3539cba140ccfdcc721ea9952259b8893721 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
EUVD-2025-24222
Malicious code in bioql PyPI...