4 matches found
Malicious code in polymarkets-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 facfcba74011619f5bb2eaf096e41239f81520cb4effff3b45f8b42c84d42060 During import, the code attempts to exfiltrate to a hardcoded location sensitive data, including private SSH keys, cloud credentials and Windows SAM database...
MAL-2026-2403 Malicious code in polymarkets-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 facfcba74011619f5bb2eaf096e41239f81520cb4effff3b45f8b42c84d42060 During import, the code attempts to exfiltrate to a hardcoded location sensitive data, including private SSH keys, cloud credentials and Windows SAM database...
RUSTSEC-2026-0015 `polymarkets-client-sdk` was removed from crates.io for malicious code
It appeared to be typosquatting existing crate polymarket-client-sdk polymarkets vs polymarket and attempting to steal credentials from local files. The malicious crate had 1 version published on 2026-02-19 an hour before removal and hadn't been downloaded. There were no crates depending on this...
`polymarkets-client-sdk` was removed from crates.io for malicious code
It appeared to be typosquatting existing crate polymarket-client-sdk polymarkets vs polymarket and attempting to steal credentials from local files. The malicious crate had 1 version published on 2026-02-19 an hour before removal and hadn't been downloaded. There were no crates depending on this...