126 matches found
MAL-2026-3694 Malicious code in mymaldependency (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38372ffa2ec19cee68f769508d95ffb4f5c1878aeae058ce3e7a33b947d06cf1 MyMalDependencypackage/init.py executes on every import: it calls os.uname and os.getcwd, writes the results to./trans.txt in the installer's working...
MAL-2026-3406 Malicious code in ggfmttygl-new (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2098233a75602dd1779f720f566420f4a88ec77694b206e7858323b5aeea38d5 Package is disguised as a utility, but in fact loads encrypted code as modules. However, loading it requires knowing the decryption key which is not included i...
Malicious code in ggfmttygl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e741cc1df48cc526ad3a27ac702f5dea403723557b4a485f84847340310d66e5 Package is disguised as a utility, but in fact loads encrypted code as modules. However, loading it requires knowing the decryption key which is not included i...
Malicious code in rogiant-quick-install (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 efdebb03bb05b0da602f813ad321bbc81c658ac1bec059a5a7fa73fed277a53b During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3332 Malicious code in rogiant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f7e1dc50782abed477c5013c8a732e952d747ffa770f399571ff468699b8f3 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in rogiant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f7e1dc50782abed477c5013c8a732e952d747ffa770f399571ff468699b8f3 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in rostilesolver (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eef0922e5bb8ba3371baad4b76542215ff15e445a9d6ed6fb5546230fe5da4df During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3250 Malicious code in rostilesolver (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eef0922e5bb8ba3371baad4b76542215ff15e445a9d6ed6fb5546230fe5da4df During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in py-clob-clients (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7136140b365c314a42f5efe300779f093c40a41fb5c2258c7f5ff05c88eba2f8 Package exfiltrates env variables from .env files. It's a typosquatting of a legitimate package and is used in a malicious GitHub repository --- Category:...
MAL-2026-3213 Malicious code in funkratov-renderkit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 78b5f3b4a8756df49b4a5eb41647e9dd20328da005f95869f81447355e2f7880 Package is prepared to exfiltrate .log and .txt files to the target already associated with exfiltrating sensitive data. --- Category: MALICIOUS - The campaign...
MAL-2026-3210 Malicious code in graphicsctxr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 10408decaf8cace14b8124fa392ee96996c3c91358cb454cbfcd45790d18cdf9 Package contains code to exfiltrate .env to a remote target. Prior to version 2.1.1, it also created a persistent backdoor via embedding a hardcoded SSH key...
MAL-2026-3194 Malicious code in robase-dnb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 24da23c2c626baf8f3c35e8c5000506cdadb4d8129d0e4350b262a0e3922d8c7 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in rblx-http (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b0078ee9b9f6221ab242c9f2442f86670e320a5058c306590b5e5b458066e414 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3193 Malicious code in rblx-http (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b0078ee9b9f6221ab242c9f2442f86670e320a5058c306590b5e5b458066e414 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in rblx-https (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4b7d7435a6bcfd1a9437108a21af9ca6be7c60aa1e0c6e9e90a40ac43b26cf67 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3191 Malicious code in rblx-https (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4b7d7435a6bcfd1a9437108a21af9ca6be7c60aa1e0c6e9e90a40ac43b26cf67 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3192 Malicious code in ro-db (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2bd23f786275f7f9939deab001c8b06daaba21ad7dcb861fd6bb9cdd2e3d830c During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3137 Malicious code in core-roblox-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 51e9fdba29b05ebf3bb0fb66dcf05dd021562b52449128a930f28ff073b4e1d7 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3139 Malicious code in robase-start (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 827cc431e55560fd4944d6b7fa6c47e6adb5027a75fe949642630843b0c8702e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in robase-start (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 827cc431e55560fd4944d6b7fa6c47e6adb5027a75fe949642630843b0c8702e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...