Lucene search
K

365 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/28 8:17 p.m.5 views

Malicious code in roboats-addition (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f9c3e8c3efcca9a56765d765638b1f7a25769a8a94693c4f391804337be55fcf During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6AI score
Exploits0References9
OSV
OSV
added 2026/03/26 8:49 p.m.4 views

MAL-2026-2244 Malicious code in fluxhttp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2669b72303bd592ba1633febc04bca1f0a8804d8546baf21b5f3f12baaa80f29 Malicious clone of a legitimate package. When using it, the code attempts to download and execute remote code. In on of the incarnations, the malicious code wa...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/24 10:20 p.m.8 views

Malicious code in target-iceberg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 95793a2b88fbc5bdaa5d42387e7472b796fe34c61959909a928f534137c101d9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSV
OSV
added 2026/03/24 7:30 p.m.7 views

MAL-2026-2138 Malicious code in open-vp-cal (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ab8c06b5d7e9b98d62708ab7377d9e18a214e884c69b0c7217979121aed06917 When executing the module, the code installs a package from a remote location. The remote package contains malicious code exfiltrating selected env variables a...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/03/23 10:53 p.m.8 views

MAL-2026-2120 Malicious code in logutilkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 25a26f2dc6e0a8e2ba3bd43492fbffa597b39065e3f3378ea976dcabddf8fbf8 Malicious clone of a legitimate package. When using it, the code attempts to download and execute remote code. In on of the incarnations, the malicious code wa...

6.1AI score
Exploits0References4
OSV
OSV
added 2026/03/23 9:41 a.m.9 views

MAL-2026-2084 Malicious code in license-utils-kit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 eb0116c55754c947c819c966f213a99864511536a414619cf3154b89be59f9e8 Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...

6AI score
Exploits0References4
OSV
OSV
added 2026/03/20 9:3 p.m.3 views

MAL-2026-2006 Malicious code in mangrove-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d6714958f20775c2347e9c8b606d1de2e28ed29fe4b1a82261ca4fb966fc20fa During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...

6AI score
Exploits0References1
OSV
OSV
added 2026/03/20 10:32 a.m.4 views

MAL-2026-1988 Malicious code in dataflux-pytorch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 486e56ad4de2a59b9c8890d854505075b556ca6920be97f850a14c7d648f7f3b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSV
OSV
added 2026/03/19 5:37 p.m.4 views

MAL-2026-1933 Malicious code in libavcodec-extra (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 00a68b4208fb4614b815e8a867c2155a8667b424e6457e3b72da362edbad9615 During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/03/18 12:15 p.m.7 views

MAL-2026-1904 Malicious code in loveclose (PyPI)

--- -= Per source details. Do not edit below this line.=-...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/18 6:20 a.m.5 views

MAL-2026-1543 Malicious code in aniresolve (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c29943544c9e6ba7e0a3075c393fa1fa89673c99b73634c0263ef164e52ac306 Package hides code that downloads and runs malware, likely an infostealer. The code is not directly called in the package suggesting it's a dependency or next...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/06 11:34 a.m.11 views

Malicious code in fastapis-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 69baeb910fc47c2e92e2a25cb1db7b5148b4773d193f15aecef4d708f69b1f6d The package clones a legitimate library and contains hidden code that executes remote scripts. During the analysis, the remote code was no longer available ---...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/02 6:48 p.m.7 views

Malicious code in wisecloudcyberark (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f0e320bedb4902833dec6f929dff31967c3d37ce699cb0ed5bc586f36f36b25e During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/25 7:42 p.m.8 views

Malicious code in neural-compressor-jax (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bb1f58a45ef1a06954d1807517faea8790a771906e95a98d571587558244ea3f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/02/20 10:16 a.m.6 views

ROOT-APP-PYPI-CVE-2023-40611 CVE-2023-40611 in rootio-apache-airflow - Patched by Root

Root has patched CVE-2023-40611 in the rootio-apache-airflow package for Root:PyPI. Multiple fixed versions available...

4.3CVSS5.4AI score0.01305EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/17 11:17 p.m.7 views

Malicious code in easyreg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2897582bf6c0c29d4fc679ee338263019a8a5d5bcb66b5ae2c59454d6c967d6a The package pretends to be a development helper but, in fact, downloads a remote executable. Dynamic analysis reveals actions like disabling Windows Defender a...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/13 10:27 a.m.11 views

Malicious code in arrayvec (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 39346af7e82bdb4aa8dca53b864258b9ffe328ea982aa3009b62b84d174ebe29 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/11 2:8 p.m.8 views

Malicious code in config-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f672e0a6f875d710a8851da211ff30828bda3755c9f9aebcb56fd0430b134ae5 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/08 10:19 p.m.10 views

Malicious code in teligram (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8090b17ada40e394e1d9df27c6fe6c22db7eed330f00e44ee1cc4d94bfbf3fef Package contains a Telegram bot for remote control of the machine. While this doesn't start automatically, this behavior is not disclosed by the package...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/08 7:41 a.m.6 views

MAL-2026-810 Malicious code in thread-pipeline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2d7de9849aa6d6194b8d6fdf574c6c56c3de7cb75ad338f2428fc7f1374e4280 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
Rows per page
Query Builder