MAL-2025-968 Malicious code in reqeuts (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7f01ab0a32efcdc5ca1ef531f49392818b05b088503759e97611a529f61c37e5 Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...

MAL-2025-999 Malicious code in utilitypyfunc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2aaf64ae76493cf55c8b9e418bc3408f9e309b5c6a590a2ad528beb5ae8dbcc0 Importing the package starts the thread that gets and executes code from the remote server. The package description suggests a rather spam than malicious...

MAL-2025-919 Malicious code in discordbotpresence (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 feb07b6deb53d133f7121c755a98920d1753dd75c4099e51e4dcb84d650d84fa Package clones another package and hides a code to download and run a malicious exe file an infostealer with high VT detection --- Category: MALICIOUS - The...

MAL-2025-940 Malicious code in lan-clean (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b77907fa5398dac2959c2fa6cc7ab1c451a318803ca9efb40ea52487080609c3 During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

MAL-2025-942 Malicious code in langer-updater (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1d2e888da57bf1c53e73ed2092516a44aaf46e4876619d129b7e3e4966dfc71e During installation, the package collects quite extensive information about the host and has no other purpose. To avoid detection, the real code is put in a ZI...

Malicious code in rwoka (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 601385385b682f6bdaa31c763e64c5fafb16f22df60acd266c9c7f23f73208ee The package contains highly obfuscated content, that install another, downloaded from a remote location obfuscated script in the installation path of the...

MAL-2024-12342 Malicious code in rwoka (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 601385385b682f6bdaa31c763e64c5fafb16f22df60acd266c9c7f23f73208ee The package contains highly obfuscated content, that install another, downloaded from a remote location obfuscated script in the installation path of the...

MAL-2025-961 Malicious code in python-bitget-connect (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1797b7fdf9859888b5495817784ead0bdc01e6acad5ae410af1e1df89acbded6 Importing the module starts an obfuscated PowerShell code, which downloads and executes a remote script. On Windows, the script appears to just start the...

MAL-2025-962 Malicious code in python-bitget-request (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bf787bcce66ad47046d93086a114a0f144b0f538b3d969fea6aea42b2312f58b Importing the module starts an obfuscated PowerShell code, which downloads and executes a remote script. On Windows, the script appears to just start the...

MAL-2025-963 Malicious code in python-bitget-wrapper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 769187e87797e69e9ebfc00eb97274a91fea1c86b1472b4ef6436441f737c8b9 Importing the module starts an obfuscated PowerShell code, which downloads and executes a remote script. On Windows, the script appears to just start the...

aiogithubapi (=23.11.0), projectair (>=0.8.0 <=1.0.0) +3 more potentially affected by CVE-2024-55655 via sigstore (>=2.0.0rc3 <=3.5.6)

sigstore PYPI version =2.0.0rc3, =0.8.0, =0.0.1, =0.0.6, =0.1.0, =0.14.0 Source cves: CVE-2024-55655 Source advisory: OSV:GHSA-HHFG-FWRW-87W7...

aiogithubapi (=23.11.0), projectair (>=0.8.0 <=1.0.0) +3 more potentially affected by CVE-2024-55655 via sigstore (>=2.0.0rc3 <=3.5.6)

sigstore PYPI version =2.0.0rc3, =0.8.0, =0.0.1, =0.0.6, =0.1.0, =0.14.0 Source cves: CVE-2024-55655 Source advisory: SNYK:PYTHON-SIGSTORE-8496397...

PYSEC-2024-154 A number of releases of ultralytics contained malicious crypto miner software.

Ultralytics has identified a supply chain attack affecting affecting multiple versions of the ultralytics package. The compromised versions contained unauthorized code that downloaded and executed cryptocurrency mining software when instantiating YOLO models. This code was injected into the PyPI...

Ultralytics AI Library Hacked via GitHub for Cryptomining

A supply chain attack on Ultralytics exploited GitHub Actions to inject malicious PyPI packages. Discover how it unfolded and the steps to mitigate the risk...

MAL-2024-11735 Malicious code in unzipxz (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11733 Malicious code in treadtools (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in testlibrary128982 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11725 Malicious code in testlibrary128982 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11720 Malicious code in test-hwp-uwp (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-11718 Malicious code in taoreg (PyPI)

--- -= Per source details. Do not edit below this line.=-...