Lucene search
K

9169 matches found

OSV
OSV
added 2026/02/05 4:40 p.m.4 views

MAL-2026-766 Malicious code in greeter-pro-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 14dfc4441f09da7c2365f0bda8f0406dfbba98c6c127d94689f8acbbb0dafbed Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/05 2:30 p.m.5 views

MAL-2026-762 Malicious code in metadata-checker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 222755e960642163a0918eeb42baef3dedec6676e084a02742210fb83b7d99e5 Disguised as metadata checker, packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/05 8:43 a.m.8 views

Malicious code in pipelinepoision-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 30985e20ed386fc211690f5618db078ae8c782039fcc36d1109955b74c3251ff Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/05 8:43 a.m.5 views

MAL-2026-759 Malicious code in pipelinepoision-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 30985e20ed386fc211690f5618db078ae8c782039fcc36d1109955b74c3251ff Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/04 7:29 a.m.3 views

MAL-2026-732 Malicious code in gridifys (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e5ce4a5dacaa769b90c359a5f03065f1d0418808b1ff366fe0d9cf6e21da4dd2 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/03 11:52 a.m.10 views

Malicious code in serpapi-python (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3a4ca074b37aa16372f05eaf3d15abe0f987e04793af53eade69fba1ae9cb405 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/03 10:31 a.m.9 views

Malicious code in filespath (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 556cf54f0093609b5c80263f0ba00056293592e66eb2a212454692e9cca38a35 Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at th...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/03 9:32 a.m.8 views

Malicious code in tokyo-ppe-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c5907d5bd4d20875048608d41ca58ea06687c84a0c7804cc83f3c3d706ff5fe4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/02 9:8 a.m.9 views

Malicious code in callapirequests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6e7fadeb48347b57805dea2f58d0f662e43170e0e4439a424f6dec66cf285452 Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/02 6:52 a.m.8 views

Malicious code in connections-api-request (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cbd9a8004eda10de0059f97712efe95c76e4302c5da5ff83e7fe3bdd3abd381b Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.4AI score
Exploits0References2
OSV
OSV
added 2026/02/02 6:52 a.m.5 views

MAL-2026-640 Malicious code in connections-api-request (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cbd9a8004eda10de0059f97712efe95c76e4302c5da5ff83e7fe3bdd3abd381b Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/29 1:57 p.m.6 views

Malicious code in theanswre (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3a5007e2f06a55345366f95d0073e9980436e74745540a4e9b43c8a1836c4bef The OpenSSF Package Analysis project identified 'theanswre' @ 0.2.4 pypi as malicious. It is considered malicious because: - The package execute...

5.9AI score
Exploits0
OSV
OSV
added 2026/01/29 1:57 p.m.8 views

MAL-2026-627 Malicious code in theanswre (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3a5007e2f06a55345366f95d0073e9980436e74745540a4e9b43c8a1836c4bef The OpenSSF Package Analysis project identified 'theanswre' @ 0.2.4 pypi as malicious. It is considered malicious because: - The package execute...

5.9AI score
Exploits0
OSV
OSV
added 2026/01/28 9:9 p.m.41 views

PYSEC-2026-1 A single post-release of dydx-v4-client contained obfuscated multi-stage loader

A PyPI user account compromised by an attacker and was able to upload a malicious version 1.1.5.post1 of the dydx-v4-client package. This version contains a highly obfuscated multi-stage loader that ultimately executes malicious code on the host system. While the final payload is not visible...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/01/28 7:48 p.m.7 views

MAL-2026-595 Malicious code in morty-package (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d87e4d2c5f3096d67a98e166e70ed6d4288c7d7554852e8d14bb60213f9a574b Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

6AI score
Exploits0References1
OSV
OSV
added 2026/01/28 5:56 p.m.5 views

MAL-2026-593 Malicious code in pypi-package-explore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 54257ec88b5f7a5bd69177f84a4c396ab208e727ba1c7b079056f1fab2705c37 Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

6AI score
Exploits0References1
The Hacker News
The Hacker News
added 2026/01/28 9:30 a.m.8 views

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Cybersecurity researchers have discovered two malicious packages in the Python Package Index PyPI repository that masquerade as spellcheckers but contain functionality to deliver a remote access trojan RAT. The packages, named spellcheckerpy and spellcheckpy , are no longer available on PyPI, but...

6.2AI score
Exploits0
EUVD
EUVD
added 2026/01/25 4:56 p.m.5 views

EUVD-2026-4643

Malicious code in selenium-integration PyPI...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/25 11:13 a.m.3 views

EUVD-2026-4644

Malicious code in flask-hookserver PyPI...

5.5AI score
Exploits0References1
EUVD
EUVD
added 2026/01/25 10:8 a.m.3 views

EUVD-2026-4648

Malicious code in test-poc-package-for-session PyPI...

5.5AI score
Exploits0References1
Rows per page
Query Builder