MAL-2025-6529 Malicious code in jirawrapped (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 22cb10a2f4a514eac4296e09281b5b08784e62d6616a520e032e563d69a0e6e1 During installation, the package attempts to exfiltrate browser history --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

MAL-2025-6575 Malicious code in rehttps (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 08172961784989f62b2b0793fa7686e1c25883883f790293df61591aa2fc6940 During installation, package attempts to download and starts an executable. The package itself is a clone of requests --- Category: MALICIOUS - The campaign ha...

MAL-2025-6615 Malicious code in wallet-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c83a3acdf0b02acc2a9af7cf885f2f744a154847edc66e1264ee1c38d8d7b984 Package silently exfiltrates the provided mnemonic --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2025-6620 Malicious code in walletutility (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b2977792a67d074770c5080ac055addab8c5bf6b77bf203132fb2c67f32091a6 Package silently exfiltrates the provided mnemonic --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2025-6618 Malicious code in walletsutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 98651db61cea6613aac5b784cf567a82461f39c8cfa2c7634504ea2708989408 Package silently exfiltrates the provided mnemonic --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2025-6617 Malicious code in walletsdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 24b8f8046f66b9996b1f2169f1034b1c35f0760e09d4e91e712d0b3a36a88d6e Package silently exfiltrates the provided mnemonic --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2025-6545 Malicious code in managment (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 754c9b609bb8dafc0fd21d141cd216744d9f2aa1f23898990c52e872fdc23e1a Installing the package starts a revshell and download and starts a remote script depending on version, different malicious functionality. The name seems to...

MAL-2025-6596 Malicious code in sqiul83 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 67d309c2d4c740426c07cc17768f6313eebd765242e7e4a63aa04213d21358ea During installation of the source package, it attempts to silently download and start a remote executable. At the time of analysis, the downloading link did no...

Malicious code in hashidf (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 126b111d14601f2ff653938378c5e6d0f534439f0eac8db7984dfe7aa0f20b52 If ran as a module, the package silently starts a binary hidden in a txt file in the background. At the moment, it appears to be PuTTy, and without additional...

Open Source, Open Threats? Investigating Security Challenges in Open-Source Software

Open-source software OSS has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to increased exposure to vulnerabilities and attack surfaces...

MalGuard: Towards Real-Time, Accurate, and Actionable Detection of Malicious Packages in PyPI Ecosystem

Malicious package detection has become a critical task in ensuring the security and stability of the PyPI. Existing detection approaches have focused on advancing model selection, evolving from traditional machine learning ML models to large language models LLMs. However, as the complexity of the...

MAL-2025-5137 Malicious code in solana-data (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-5135 Malicious code in solana-charts (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-5134 Malicious code in solana-chart (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-5128 Malicious code in requestpacket (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-5107 Malicious code in colorizator (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-5098 Malicious code in blackspammerbd-workout (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-5095 Malicious code in aliyun-ai-labs-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6470 Malicious code in bulktweetbyref (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b6e44fa722cba73a0757878305b8641ff0539e6c32ffff20b9484ce39ce6a1aa Using the function simulates some behavior, but then download and runs an Infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

MAL-2025-6471 Malicious code in bulktweetplus (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3f66a670d67e37fec4746d5aaf53be9e2f5267c68b667f1becdb55f8d75ce70a Using the function simulates some behavior, but then download and runs an Infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like...