Lucene search
K

9169 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/08 4:29 p.m.7 views

Malicious code in demozecosse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1fd7840785d53d90edc61c6138072f4ed7a01b35dd05d76d9d6f5343ec93bff7 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/08 2:52 p.m.5 views

Malicious code in demozecox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b32c6e6d2566a58b9a104d162c060982bff488fa547fb706c43553d0b7185ccb Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/08 2:52 p.m.5 views

Malicious code in demozecosso (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ca3839025ccad67334436cff10b99fc2c407515ed2d9a4e146d11b253b356c8a Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/08 2:15 p.m.6 views

Malicious code in py-sysbench (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bcd34dcdc69398d2b97a0890cc550974824096b2844524f868505aa32032f147 Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/07 2:37 a.m.6 views

GHSA-QR2G-P6Q7-W82M x402 SDK Security Advisory

Impact A security vulnerability exists in outdated versions of the x402 SDK. This vulnerability does not affect users' private keys, smart contracts, or funds. The issue impacts resource servers accepting payments on Solana when the facilitator is running a vulnerable version of the x402 SDK. Who...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/06 5:39 p.m.7 views

Malicious code in flowfix (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 77c3304c8fcc8e0cdf2ac450babf481ff0ee3e93cb3c4213c6b4fa8d80cf4137 The package hides code to download and open remote content. The current code seems to be a bit broken as the final URL is not correct, but the code holds also...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/02 11:51 p.m.10 views

Malicious code in roku-aihub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 19b48d460fde1b6b9802a2f2b7d93928f89b0474235adc54553971ed4575e5df Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6.1AI score
Exploits0References1
OSV
OSV
added 2026/03/02 6:48 p.m.4 views

MAL-2026-1140 Malicious code in heimdal-credentials (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 44b549b64558430b61d35bb2eb2cfcf8ec15d75bacb38af8f34deafe5d6add2c During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...

6.2AI score
Exploits0References1
OSV
OSV
added 2026/03/01 10:0 a.m.3 views

MAL-2026-1097 Malicious code in botbooster (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0ac97422a8ea78df8c5538d0dbada7aad5720510773f1855cf5e4b5a9cbc56cb When using the provided function, code exfiltrates the sensitive token from local settings.json to the hardcoded location. --- Category: MALICIOUS - The campai...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/01 10:0 a.m.9 views

Malicious code in botbooster (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0ac97422a8ea78df8c5538d0dbada7aad5720510773f1855cf5e4b5a9cbc56cb When using the provided function, code exfiltrates the sensitive token from local settings.json to the hardcoded location. --- Category: MALICIOUS - The campai...

6AI score
Exploits0References1
OSV
OSV
added 2026/02/28 10:36 p.m.5 views

MAL-2026-1092 Malicious code in jwrincident (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ad20c4d6c73e649f0907879ef431132bb1566c890b55d8c5933abc09e10085fd During installation, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/28 4:43 p.m.11 views

Malicious code in bladebit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f415139e8d21831bbadeb09351ae32306980ae4de3692fc6cafc1d72c2b99e28 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6.1AI score
Exploits0References1
Snyk
Snyk
added 2026/02/26 9:21 a.m.7 views

Malicious Package

Overview clawdist is a malicious package. that utilizes typosquatting to infiltrate developer environments via PyPI. Once installed, it executes obfuscated payloads designed to harvest sensitive data, including environment variables, cloud credentials, and SSH keys. This stolen information is...

9.8CVSS6.1AI score
Exploits0References2
Snyk
Snyk
added 2026/02/26 9:21 a.m.6 views

Malicious Package

Overview polyutil is a malicious package. that utilizes typosquatting to infiltrate developer environments via PyPI. Once installed, it executes obfuscated payloads designed to harvest sensitive data, including environment variables, cloud credentials, and SSH keys. This stolen information is...

9.8CVSS6.1AI score
Exploits0References2
Snyk
Snyk
added 2026/02/26 9:21 a.m.6 views

Malicious Package

Overview magichat is a malicious package. that utilizes typosquatting to infiltrate developer environments via PyPI. Once installed, it executes obfuscated payloads designed to harvest sensitive data, including environment variables, cloud credentials, and SSH keys. This stolen information is...

9.8CVSS6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/23 4:0 p.m.9 views

Malicious code in cnnct-eaas-corre (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 2111dcd49405f8c078842cf7af9cfe21ddb54f558d66f2949da752d0e62cddd1 This package appears to be a typo-squatting attempt targeting connect-eaas-core...

5.3AI score
Exploits0
OSV
OSV
added 2026/02/22 4:48 a.m.17 views

MAL-2026-979 Malicious code in home-robot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f5296b22d674fc768fb08662c83b8de3fd07455f6fc2d4f7b433319551cb808e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/20 10:16 a.m.5 views

ROOT-APP-PYPI-CVE-2022-38170 CVE-2022-38170 in rootio-apache-airflow - Patched by Root

Root has patched CVE-2022-38170 in the rootio-apache-airflow package for Root:PyPI. Multiple fixed versions available...

4.7CVSS5.4AI score0.00593EPSS
Exploits0
OSV
OSV
added 2026/02/20 10:16 a.m.6 views

ROOT-APP-PYPI-CVE-2023-35908 CVE-2023-35908 in rootio-apache-airflow - Patched by Root

Root has patched CVE-2023-35908 in the rootio-apache-airflow package for Root:PyPI. Multiple fixed versions available...

6.5CVSS5.4AI score0.00757EPSS
Exploits0
OSV
OSV
added 2026/02/17 11:17 p.m.7 views

MAL-2026-932 Malicious code in easyreg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2897582bf6c0c29d4fc679ee338263019a8a5d5bcb66b5ae2c59454d6c967d6a The package pretends to be a development helper but, in fact, downloads a remote executable. Dynamic analysis reveals actions like disabling Windows Defender a...

5.6AI score
Exploits0References3
Rows per page
Query Builder