8 matches found
Malicious code in easydicts (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9206e6e8b697ab23f82a17cb169a867896f4f8469351b31cbb31f41bee662cee A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-6164 Malicious code in totohateinenkleinencock (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in pulllgtb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6341667aece2cf9ad356ffdec03001cfb70b2b65c319dbb72233a56728b5266e EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-1869 Malicious code in gitpyton (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx d39d96e3327ddf1d861e31e3a93ce2d4f34b271aa502f69ae8fc2db97141a7b4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2009 Malicious code in prompt-ttoolkit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 83a7c035b47cdee736e3de62713b91b185c29321810f07db52665cb4c7dcabdc Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-1968 Malicious code in prgressbar2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx a4b129eb541c6ba1a0ccbdc53334cf0fe053213a195e9d367e5b7a53e858fcbe Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-1656 Malicious code in bitcoilib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx aa8307b31e8811c8bdb1dc26ec8850c339ef0b6740eb09afa0b1deec22a3f5a7 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious PyPI Packages Using Cloudflare Tunnels to Sneak Through Firewalls
In yet another campaign targeting the Python Package Index PyPI repository, six malicious packages have been found deploying information stealers on developer systems. The now-removed packages, which were discovered by Phylum between December 22 and December 31, 2022, include pyrologin,...