Lucene search
K

9169 matches found

OSV
OSV
added 2026/02/17 8:18 p.m.7 views

MAL-2026-930 Malicious code in telebot-info (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 61aec9d37a402659928293fb6a151f72f9de1194a73a519f7e1595e5ed5b719b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

5.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/17 4:31 a.m.11 views

Malicious code in polyutil (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 31a0fc68eee0841a78740fd3e3748171612b871b58bf9f3e52b4fa35bed64774 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

6.3AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/16 11:20 a.m.9 views

Malicious code in alibabacloude (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c45df7f85cfaba4bf141f0a17ba2d0987e080131bab1f1233798a1287d63fa7f Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/02/16 7:9 a.m.6 views

MAL-2026-913 Malicious code in groq-ppe-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 517d20a09a1e53ce02484aa25ab2483ef75022e96f76d72fe3125bc1e16a359d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
The Hacker News
The Hacker News
added 2026/02/12 4:55 p.m.10 views

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index PyPI repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group. The coordinated campaign has been codenamed graphalgo in reference...

5.9AI score
Exploits0
OSV
OSV
added 2026/02/12 7:55 a.m.4 views

MAL-2026-868 Malicious code in pydantics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dda36b358c57e79abf804d53d4750cf2836f930b07aa524c0b5c4d231d92143f Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/12 12:1 a.m.10 views

Malicious code in get-incorrect-name-bob (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cb10edcf75f6463de2adaa0a621cf5fb215b5431a87d36a3b94e1910fb774ab While disguised as a dummy MCP server, the only real functionality is exfiltrating hostname on importing. --- Category: PROBABLYPENTEST - Packages looking like...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/11 8:58 a.m.6 views

MAL-2026-850 Malicious code in ntoctfutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f65404ba7442c7d16e3f569b7c84afc4d1df23f9497ac3a6101d5ec3c168956f Importing the module downloads and runs a remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/10 10:0 p.m.3 views

Malicious Package

Overview bigpyx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.5AI score
Exploits0References2
Snyk
Snyk
added 2026/02/10 10:0 p.m.5 views

Malicious Package

Overview graphlibx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/10 7:25 a.m.8 views

Malicious code in ntoutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 15b6e8b1974bbd5ee6ee5e5abe0619080d87644b200fd8fc410f70a2f23213ff Importing the module downloads and runs a remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/02/10 7:25 a.m.5 views

MAL-2026-823 Malicious code in ntoutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 15b6e8b1974bbd5ee6ee5e5abe0619080d87644b200fd8fc410f70a2f23213ff Importing the module downloads and runs a remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/09 9:12 a.m.7 views

Malicious code in skydeo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6e44bfc09c7d974ae07443b4c6af6fd3e4566e7761755cc89ba810713d2b6482 Importing the module exfiltrates all environment variables --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/02/08 10:19 p.m.5 views

MAL-2026-813 Malicious code in teligram (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8090b17ada40e394e1d9df27c6fe6c22db7eed330f00e44ee1cc4d94bfbf3fef Package contains a Telegram bot for remote control of the machine. While this doesn't start automatically, this behavior is not disclosed by the package...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/08 9:21 p.m.17 views

MAL-2026-812 Malicious code in hardixx-code (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c0eeb07f1a0f9149c6e22016d85bcc59e5d0bbbac9514fbef9a2ba0289bf75fe Version 1.0.2 introduced loading obfuscated code during importing the module. However, distributions uploaded to PyPI lack the necessary file storing the code...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/08 7:47 a.m.10 views

Malicious code in ccxt-bullish (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0729d9c3ad3f349ec626a97b7a265b1fd84f556bb1758af54adbc87bd29969f1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/02/06 7:37 p.m.12 views

A single post-release of dydx-v4-client contained obfuscated multi-stage loader

A PyPI user account compromised by an attacker and was able to upload a malicious version 1.1.5.post1 of the dydx-v4-client package. This version contains a highly obfuscated multi-stage loader that ultimately executes malicious code on the host system. While the final payload is not visible...

5.8AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/02/06 7:37 p.m.6 views

GHSA-4F84-67CV-QRV3 A single post-release of dydx-v4-client contained obfuscated multi-stage loader

A PyPI user account compromised by an attacker and was able to upload a malicious version 1.1.5.post1 of the dydx-v4-client package. This version contains a highly obfuscated multi-stage loader that ultimately executes malicious code on the host system. While the final payload is not visible...

9.3CVSS5.8AI score
Exploits0References3
The Hacker News
The Hacker News
added 2026/02/06 8:40 a.m.9 views

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index PyPI repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the tw...

6.7AI score
Exploits0
OSV
OSV
added 2026/02/06 1:15 a.m.8 views

MAL-2026-774 Malicious code in adminbypasser (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 867991d0e6c74f15c2f231c002867172a4e03044a328676cf9b2ec07a7e48f68 Package silently downloads remote code and adds its execution to the autostart. During analysis, the remote domain no longer existed. --- Category: MALICIOUS -...

6.1AI score
Exploits0References1
Rows per page
Query Builder