Malicious code in merino-common (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 61117d9c074586912421f9fe2104b792a0eb2a359dd1c6e9c8548bc2aa299dd0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-5820 Malicious code in node-scraper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 52aa9bb0c23cd9126412a9477da59431309521a78dd65e807b7dd198367d0a83 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-5811 Malicious code in gigl-core (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 28903f76bed2e89a18c9c276d62c95bb089a091020f89f35f7d2800ef6a3bce3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in sl-pgp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 53bd44f0ef91bd7b2757153e06bc9a7b697aba1af30af9bc6a6ccb71d7a3012a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-5819 Malicious code in mozautomation (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 26d0e7dfb965969f23786d4bde7d70e597b83df522434aea471171d48442cd12 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in llmfree (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e779d2361b98c48a801fb29dedf2931f94b4264314d074895e14482ad0d5a15f During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

Malicious code in generatellm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31201af7035560c0798b46e67a374b9526a7e8ed2f856235e5eb0438d1a8d080 GenerateLLM 2.23 is a hollow PyPI package placeholder metadata, no functional code under src/, only an egg-info directory whose entire payload is an...

Malicious code in easyaillm2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f532239be50513698758c81009444ff49bcf4a140fab11734107d81c4eab6684 On pip install easyaillm2, setup.py fetches a raw text body from https://pastebin.com/raw/yBcUM1QB and passes the first line directly to os.system'cm...

Malicious code in easyllmai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4589bbb71e0bb3589a162bf2102bba5e8bf7124d3988235647d1e3c1d01821d0 During pip install, setup.py performs an unauthenticated HTTP fetch of https://pastebin.com/raw/yBcUM1QB, takes the first line of the response, and...

MAL-2026-5756 Malicious code in easyaillm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6268f175708584b9c3de408c80de3dc1162f4d1ddedb1ce6201b90f409b0dea On pip install easyaillm, setup.py runs execbase64.b64decode... which decodes to code that fetches https://pastebin.com/raw/hEF5HaFc, treats the...

MAL-2026-5755 Malicious code in anthropickit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3e103a8a230b5fb3066fb0a9eb7f5fdf5831d4c7b71a9d83de54d8d6673eae2 On pip install, setup.py collects the contents of every file in /.ssh excluding knownhosts and authorizedkeys, so private keys are read, all...

MAL-2026-5702 Malicious code in flexitest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 17f4bae10d193f8128f50dd3010d283dc89016fa468fc8d9b428b5183c505b27 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in trongap (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2553656bd35d7c309dad6694d67fed7f3b09788cab260bf3eb5fbce84d0149c4 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

Malicious code in acme-widget-layout-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff800752007d4e55ddc8172e04c8d75ac04d61b499cc58d97f016cd34d70d6c4 On import, src/acmewidgetlayoututils/init.py executes a textbook reverse-shell pattern: it opens a TCP socket, duplicates the socket file descriptor...

Malicious code in hello-dynamic (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 168dd7abca8ed812dcfb0119eaf80a2b05b186ee37a1e0c8f98e88f884a90602 Package attempts to test exploitation via legacy dependencylinks configuration --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages,...

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades , this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index PyPI registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems...

MAL-2026-5335 Malicious code in xfoobar (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a54c1c17d20a069af19c48751aada9e426bcbf55484c360cf21ac70f35d3d0dd During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

ROOT-APP-PYPI-CVE-2026-41182 CVE-2026-41182 in rootio-langsmith - Patched by Root

Root has patched CVE-2026-41182 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-28802 CVE-2026-28802 in rootio-Authlib - Patched by Root

Root has patched CVE-2026-28802 in the rootio-Authlib package for Root:PyPI. Multiple fixed versions available...

CVE-2026-45758

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...