10286 matches found
Malicious code in private-evolution (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b0fcdd3ad61af1881ab9e5e8b9fb871a0e142868c0be585594fcd32b5f069f6c Package is just calling home and there is no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also anything th...
GHSA-VXMW-7H4F-HQXH PyPI publish GitHub Action vulnerable to injectable expression expansions in action steps
Summary gh-action-pypi-publish makes use of GitHub Actions expression expansions (i.e. ${{ ... }}) in contexts that are potentially attacker controllable. Depending on the trigger used to invoke gh-action-pypi-publish, this may allow an attacker to execute arbitrary code within the context of a workflow...
Malicious code in learning-pypi-demo-nisimi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b3a0d62b36ae3a2e643a327b7cf5b88366d4a8a89381eca570f34c453f1eaf4 Installing the packages exfiltrates data, which differs between packages and versions, or runs revshells --- Category: MALICIOUS - The campaign has clearly malicious...
MAL-2025-47782 Malicious code in learning-pypi-demo-nisimi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b3a0d62b36ae3a2e643a327b7cf5b88366d4a8a89381eca570f34c453f1eaf4 Installing the packages exfiltrates data, which differs between packages and versions, or runs revshells --- Category: MALICIOUS - The campaign has clearly malicious...
MAL-2025-41774 Malicious code in testcase100 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41767 Malicious code in spykes (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41763 Malicious code in some-other-package (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41748 Malicious code in reversepkg (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Linux Distros Unpatched Vulnerability : CVE-2020-13328
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13. GitLab was vulnerable to a stored XSS by using the PyPi files AP...
Malicious code in xx-ent-wiki-sm (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5ebf0745c51c955dbe898efb0f6b721f30dd75edc24b4ee234e8574cee3da9d3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191651 Malicious code in my-first-pypi-demo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f789a8192ed7a62a0fa9327e495ac8ca2658ff556673ca8d207f7954204ec160 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in hashstation (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4f136247c8a57eee83a1a36ee355c982d900b5f5b570a0936dc1df68db6d5f2 When methods from the package are used, it downloads obfuscated code from GitHub and puts it in multiple locations. While it appears that this code is used ...
Malicious code in jsonist (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c74a199a696dbc18994242bc3c29e9a018ddda51fa2bbe224620d9ded6f1818 Calling a method downloads and starts an infostealer script --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in titifel-pypi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 246211906386c6795c3728d15bf42f5b9083257d1964d8dc21bcda833dd6363c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-47804 Malicious code in titifel-pypi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 246211906386c6795c3728d15bf42f5b9083257d1964d8dc21bcda833dd6363c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
PT-2025-32302
Name of the Vulnerable Software and Affected Versions uv versions 0.8.5 and earlier Description uv is a Python package and project manager written in Rust. Versions 0.8.5 and earlier handled remote ZIP archives in a streamwise fashion without reconciling file entries against the archive’s central...
MAL-2025-6794 Malicious code in num2words (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 36822c42f7e862f29cef9734efec9a9a9cc44a80e619e954dd25c12239d15767 The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code...
MAL-2025-191690 Malicious code in bh-25-req-ase (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ddd759ada90b89401904e23b4e8cbe6a3021baf3c34495150b4a713ca7063be0 If run, the package exfiltrates AWS credentials. Though it's described as a test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...
Malicious code in thisisthedaventestz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d5f510bfda1aeb6999f77b06597e760e13d4058dab2a7f8620bf8c561db5d39c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
num2words subjected to phishing attack, two versions published containing malware
The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code. The affected versions have been removed from PyPI, and users are advised to remove the affected versions from their environments...