188 matches found
Malicious code in filespath (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 556cf54f0093609b5c80263f0ba00056293592e66eb2a212454692e9cca38a35 Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at th...
MAL-2026-701 Malicious code in filespath (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 556cf54f0093609b5c80263f0ba00056293592e66eb2a212454692e9cca38a35 Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at th...
Malicious code in pathlib-v2-utility (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c8dc8b60e188fb941aeb9f5b6207d2c0fcab27719a142558498bf72d1602d992 Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at th...
MAL-2026-697 Malicious code in pathlib-v2-utility (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c8dc8b60e188fb941aeb9f5b6207d2c0fcab27719a142558498bf72d1602d992 Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at th...
MAL-2026-696 Malicious code in pathfiles (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a96d53709493a07432f8619b9ca322fef0fb4bf9080a02da7e8f6bc03353b3c0 Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at th...
MAL-2026-651 Malicious code in cat-admin-tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 34286533490c9ad41743b1eea6659d9c4fd3e62d1a830658b90840f3c49a6c8c Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...
Malicious code in cat-admin-tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 34286533490c9ad41743b1eea6659d9c4fd3e62d1a830658b90840f3c49a6c8c Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...
Malicious code in chia-pool-reference (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 51f7e4eb8c8b82bd7c7514255d0eb51dddc657c4b06845232ad8490a514a139c Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...
MAL-2026-652 Malicious code in chia-pool-reference (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 51f7e4eb8c8b82bd7c7514255d0eb51dddc657c4b06845232ad8490a514a139c Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...
Malicious code in credit-decision-metrics (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4a0320017dad96c95d4741c311ead566b7d6bea0c7ffdceea82b435ce74a40de Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...
MAL-2026-653 Malicious code in credit-decision-metrics (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4a0320017dad96c95d4741c311ead566b7d6bea0c7ffdceea82b435ce74a40de Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...
Malicious code in zabitog (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 23d4c7f55266f10f23ddf4a743bb4222b920c0e7f4472c1572a51831a3d1f247 Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...
MAL-2026-654 Malicious code in zabitog (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 23d4c7f55266f10f23ddf4a743bb4222b920c0e7f4472c1572a51831a3d1f247 Obfuscated code is used to hide exfiltration of basic data hostname, etc.. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but...
MAL-2026-618 Malicious code in learning-curve-projects (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 535d27590bc02eadc7c52e7179ac183cfaac3079b16ae34a204e55b3e145ae62 Package contains hidden highly obfuscated code that is loaded during importing the module. --- Category: MALICIOUS - The campaign has clearly malicious intent,...
Malicious code in learning-curve-projects (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 535d27590bc02eadc7c52e7179ac183cfaac3079b16ae34a204e55b3e145ae62 Package contains hidden highly obfuscated code that is loaded during importing the module. --- Category: MALICIOUS - The campaign has clearly malicious intent,...
Malicious code in fastpi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2928970260fda87aaa57272b8042ae1a9661ad1a1bdeec1e73903e84ce3354cd Malicious copy of the legitimate FastAPI. The modification loads code encrypted in one of the attached files. The final, highly obfuscated code is most likely...
MAL-2026-504 Malicious code in researchpoc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 20a5e6f7ec432b0c41646f696c530fb5e46e034477a23d448de1ac3f18172bec Package mentions being a research PoC, probably for dependency confusion, but the code is obfuscated making verification of the claim impossible. --- Category:...
Malicious code in researchpoc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 20a5e6f7ec432b0c41646f696c530fb5e46e034477a23d448de1ac3f18172bec Package mentions being a research PoC, probably for dependency confusion, but the code is obfuscated making verification of the claim impossible. --- Category:...
Malicious code in aiihttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e98bbfaaccc91213e80bb0a09f5081a5701cf01629ac8b82370adbbbc42178b0 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
MAL-2026-36 Malicious code in aiohtto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9338a4f3f167cf0ba279696ac9ae9bae26219391e2a87a805cc8bb92b4cddd6e Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...