Lucene search
K

100 matches found

OSV
OSV
added 2026/01/22 8:58 p.m.6 views

MAL-2026-469 Malicious code in cflashfiles (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d8c5174968b7dedf000076201fe6446018aa61048b6a77fc8bc42e16bb796fd9 Malicious clone of legitimate fsspec package. The code was modified to exfiltrate specific files on import. --- Category: MALICIOUS - The campaign has clearly...

5.7AI score
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-54315

Malicious code in bioql PyPI...

6.6AI score
Exploits0
OSV
OSV
added 2025/07/31 7:16 p.m.9 views

MAL-2025-6599 Malicious code in terraform-binary-wheel (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/31 7:16 p.m.8 views

MAL-2025-6579 Malicious code in runway-python (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ab69fc94c1b9d37312b22a4c970856a3b27f84b4f7e957ff2771a2244a527264 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
OSV
OSV
added 2025/07/31 7:15 p.m.6 views

MAL-2025-6550 Malicious code in moxel-python-driver (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/31 7:14 p.m.9 views

MAL-2025-6498 Malicious code in duc193 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/16 7:30 p.m.3 views

MAL-2025-6538 Malicious code in logghelper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2a5f0848002e1727d885bdf20c39e4949fd9609a4df5164a8c42ccc870aa6736 Code attempts to download and run malware, as well as keeps ability to execute files sent via Telegram C2 channel --- Category: MALICIOUS - The campaign has...

7.3AI score
Exploits0References1
OSV
OSV
added 2025/07/05 11:5 a.m.7 views

MAL-2025-6565 Malicious code in pipmodule83 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 95b01ea01a7fd1ff5e52491e6b143aa98f45a6f331814222fe38e76ad3ac0863 If run as a module, the package downloads and executes a remote script. At the time of check, the remote script was just opening a popup; thus it's not...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/07/01 4:5 p.m.3 views

MAL-2025-6575 Malicious code in rehttps (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 08172961784989f62b2b0793fa7686e1c25883883f790293df61591aa2fc6940 During installation, package attempts to download and starts an executable. The package itself is a clone of requests --- Category: MALICIOUS - The campaign ha...

7.4AI score
Exploits0References2
OSV
OSV
added 2025/06/18 10:15 a.m.8 views

MAL-2025-5137 Malicious code in solana-data (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/16 6:45 a.m.27 views

PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments

Cybersecurity researchers from SafeDep and Veracode detailed a number of malware-laced npm packages that are designed to execute remote code and download additional payloads. The packages in question are listed below - eslint-config-airbnb-compat 676 Downloads ts-runtime-compat-check 1,588...

8.1AI score
Exploits0
OSV
OSV
added 2025/06/07 2:5 p.m.2 views

MAL-2025-6449 Malicious code in atlasctf-21-prod-12 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 40759a1334b288bf1b2454e5df32ae973986c6e210d3261bde56c16dfc2fab22 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...

7.4AI score
Exploits0References1
OSV
OSV
added 2025/06/07 2:5 p.m.4 views

MAL-2025-6453 Malicious code in atlasctf-21-prod-16 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 57c6acfcb3c6bb659cac9b311e2cc25e72f3ab57d80e3403b70b7e05a2a06ed9 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...

7.4AI score
Exploits0References1
OSV
OSV
added 2025/06/07 2:5 p.m.4 views

MAL-2025-6451 Malicious code in atlasctf-21-prod-14 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 53e97c9ccd81536ef4d3b1aacb14600cc31b01f8bf00b53326458e485459c7e4 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...

7.4AI score
Exploits0References1
OSV
OSV
added 2025/06/07 2:5 p.m.3 views

MAL-2025-6450 Malicious code in atlasctf-21-prod-13 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 773b90b87addef84f41e3bec0ed50198f5217f97c58686c8700726e2c5911f39 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...

7.4AI score
Exploits0References1
OSV
OSV
added 2025/05/22 12:33 p.m.2 views

MAL-2025-4266 Malicious code in web3-request-1-8-54 (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2025/05/22 12:33 p.m.2 views

MAL-2025-4212 Malicious code in colorate (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/20 5:49 a.m.38 views

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index PyPI repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are...

7.8AI score
Exploits0
OSV
OSV
added 2025/04/23 4:6 p.m.3 views

MAL-2025-3480 Malicious code in web3connectpy (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2025/04/23 4:6 p.m.3 views

MAL-2025-3472 Malicious code in sxz (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
Rows per page
Query Builder