9169 matches found
MAL-2025-191665 Malicious code in windowsrequir (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b1e2404307bae09dee3c7fe01e272b488ca2da014d14ad2a740ed76c89634e8 Package downloads and runs an obfuscated bat file, which executes malicious activity according to VirusTotal results. --- Category: MALICIOUS - The campaign ha...
Malicious code in hexdecli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 14b72d96ce6a8700ee188783d301dc5f37cd7182ac8082491a75c582184309e4 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in benign-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09477b048d84611002417894ccb3265d246be0156b096a8b47776960d45e9d3d Package hides an executable inside, and starts it when imported. The sandbox analysis shows only starting a calculator, which suggests it's a research attempt...
MAL-2025-191620 Malicious code in benign-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09477b048d84611002417894ccb3265d246be0156b096a8b47776960d45e9d3d Package hides an executable inside, and starts it when imported. The sandbox analysis shows only starting a calculator, which suggests it's a research attempt...
Malicious code in ethaddrlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9dc2b3682a4269e98a57e232f473846d94e0c74209349b54e1ccc5c669110c47 Package claims to validate mnemonic, a sensitive part of cryptocurrency system. The responsible functions, however, send given data to a remote service, and no...
Malicious code in aiohttp-openssl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 67b219a81e6b2dd7db78b4b223da914ee7baefd0ab056940d3af0bc3b47846a0 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
MAL-2025-191617 Malicious code in aiohttp-openssl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 67b219a81e6b2dd7db78b4b223da914ee7baefd0ab056940d3af0bc3b47846a0 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
MAL-2025-48910 Malicious code in web3eth (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in trstk (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48909 Malicious code in trstk (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in testpackageclaim (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48902 Malicious code in testpackageclaim (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in test422 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in testpackage-hello (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48901 Malicious code in testpackage-hello (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in test421 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48899 Malicious code in test421 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in request-unitest (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48897 Malicious code in request-unitest (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48894 Malicious code in my-test-packagexx (PyPI)
--- -= Per source details. Do not edit below this line.=-...