164 matches found
Malicious code in sintok (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ac54e69b2c1c8f39c9a938ce34d0f0382a0185aa821e4d8e6eaeaac1c456ecb Importing the module starts obfuscated code that downloads well-recognized malware. In the further variations, the code that downloads and starts the maliciou...
MAL-2025-191869 Malicious code in sintok (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ac54e69b2c1c8f39c9a938ce34d0f0382a0185aa821e4d8e6eaeaac1c456ecb Importing the module starts obfuscated code that downloads well-recognized malware. In the further variations, the code that downloads and starts the maliciou...
MAL-2024-12185 Malicious code in dscss (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron fb41535db040ebc6147f3cfe1bfc3f5638402e85fc889d78d6101814d6f4bc10 This package contains highly obfuscated code and executes the code in a long hexadecimal string...
Malicious code in dscss (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron fb41535db040ebc6147f3cfe1bfc3f5638402e85fc889d78d6101814d6f4bc10 This package contains highly obfuscated code and executes the code in a long hexadecimal string...
MAL-2024-12342 Malicious code in rwoka (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 601385385b682f6bdaa31c763e64c5fafb16f22df60acd266c9c7f23f73208ee The package contains highly obfuscated content that installs another obfuscated script, downloaded from a remote location, in the installation path of the...
MAL-2024-12287 Malicious code in hmac2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 055915f62eab8a5fe37b7501a3ed565a2aba267bdd69e82acaa13525bacf41a1 The package contains obfuscated code that exfiltrates basic data, and then executes commands delivered from a remote server --- Category: MALICIOUS - The campaign...
Malicious code in hmac2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 055915f62eab8a5fe37b7501a3ed565a2aba267bdd69e82acaa13525bacf41a1 The package contains obfuscated code that exfiltrates basic data, and then executes commands delivered from a remote server --- Category: MALICIOUS - The campaign...
Malicious code in cobo-python (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2f1c1c4efd134e130c04178382ff3ea318301fb18b5eb6eed696c49cf64e9ad6 It appears to be a forgotten pentest checking typosquatting against cobo-custody package, but may also have malicious purposes. During installation, if a machi...
MAL-2024-12239 Malicious code in cobo-python (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2f1c1c4efd134e130c04178382ff3ea318301fb18b5eb6eed696c49cf64e9ad6 It appears to be a forgotten pentest checking typosquatting against cobo-custody package, but may also have malicious purposes. During installation, if a machi...
Malicious code in cobo-custdoy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1bb6da528665b6d869e583cb594f1f0cc7e7ccaf8cc5a7a859c0db9e7fa80c19 It appears to be a forgotten pentest checking typosquatting against cobo-custody package, but may also have malicious purposes. During installation, if a machi...
Malicious code in esdjiw (npm)
The package contains obfuscated code to load content from a suspicious external domain in the user's browser --- -= Per source details. Do not edit below this line.=-...
Malicious code in hwieiur (npm)
The package contains obfuscated code to load content from a suspicious external domain in the user's browser...
MAL-2024-8728 Malicious code in hwieiur (npm)
The package contains obfuscated code to load content from a suspicious external domain in the user's browser...
MAL-2024-8727 Malicious code in esdjiw (npm)
The package contains obfuscated code to load content from a suspicious external domain in the user's browser --- -= Per source details. Do not edit below this line.=-...
MAL-2024-8730 Malicious code in ywoeuwe (npm)
The package contains obfuscated code to load content from a suspicious external domain in the user's browser...
Malicious code in ywoeuwe (npm)
The package contains obfuscated code to load content from a suspicious external domain in the user's browser...
Malicious code in noblox-ts (npm)
This package is considered malicious because it contains a heavily obfuscated postinstall.js script with multiple stages of payload execution, resulting in the delivery of QuasarRAT. This allows command and control by a malicious actor. --- -= Per source details. Do not edit below this line.=-...
Malicious code in bugsnagmw (npm)
The package bugsnagmw npm version 1.0.3 contains malicious code. The code was obfuscated to avoid detection. The malicious code is designed to steal sensitive information from the user's environment and send it to a remote server. See...
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 CVE-2024-3094 is a critical security vulnerabili...
FakeSG campaign, Akira ransomware and AMOS macOS stealer
Introduction The crimeware landscape is diverse. Cybercriminals try to capitalize on their victims in every possible way by distributing various types of malware designed for different platforms. In recent months, we have written private reports on a wide range of topics, such as new cross-platfo...