9163 matches found
Malicious code in sonic-platform-common (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b7ad70e46087b1ffe41c3d0670c24c58b38e72344c958458af49a25541778b4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2147 Malicious code in mattermost-airflow (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 667be9d0c5eaea7acdf1c2593165304280ef7b67bfbf4d8c0f36065836fe834c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in roboat-util (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 869ea4b94181bc5ef23562a4d749b462fb7079112cca74072ee9036fb397921f During installation, a malicious executable is downloaded and run. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in roboated (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0c9f3bba9c27e61fbe6934c9d130ada39dd87f7b7c376fe33609be1ecbaf96e2 During installation, a malicious remote executable is downloaded and run --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
PYSEC-2026-2 Two litellm versions published containing credential harvesting malware
After an API Token exposure from an exploited Trivy dependency, two new releases of litellm were uploaded to PyPI containing automatically activated malware, harvesting sensitive credentials and files, and exfiltrating to a remote API. The malicious code runs during importing any module from the...
Two litellm versions published containing credential harvesting malware
After an API Token exposure from an exploited Trivy dependency,two new releases of litellm were uploaded to PyPI containing automatically activated malware,harvesting sensitive credentials and files, and exfiltrating to a remote API.The malicious code runs during importing any module from the...
Malicious code in rocketpill (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-2401 Malicious code in rocketpill (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in flycalc (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-2399 Malicious code in flycalc (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in privaton-beacon-img-8f3603448690bdde-png (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron be565465ab48d5cf9d07625d2414c21814f63826ea9325c35dca838e40aa24e9 This package is an install-time-executable sdist that uses setup.py paired with an opaque data.bin payload and a beacon name...
Malicious code in litellm (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 6a89401cbf53902e8374fbf3b424a77bb5e5f8c437176232eab7c3237d10ecbe LiteLLM was compromised through trivy security scan in a GitHub workflow. Attackers uploaded malicious versions of LiteLLM to PyPI. The...
MAL-2026-2144 Malicious code in litellm (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 6a89401cbf53902e8374fbf3b424a77bb5e5f8c437176232eab7c3237d10ecbe LiteLLM was compromised through trivy security scan in a GitHub workflow. Attackers uploaded malicious versions of LiteLLM to PyPI. The...
MAL-2026-2121 Malicious code in roboat (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f04db4869c9e981873683b537f335c1f25c7c17c283315859699855a9c20816b During installation, the code attempts to download and start malware. Connected with the campaign based on the time correlation and other packages published by...
Embedded Malicious Code
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Embedded Malicious Code. Vulnerable releases of this package were compromised with malicious code that conceals a multi-stage credential stealer and persistent backdoor. A...
MAL-2026-2013 Malicious code in nump (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 daf533091c2cd6d2ae82e47f2ba9264b23395105f9c088018560c13cea33801f Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...
Malicious code in nsscache (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f799f92bcb0f24e47655a4a38d97a8981bad8f31f28f7d82a5378ae8aa0f1c74 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1986 Malicious code in cloud-datasets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7cbbef34e9c8a9e6db79ffb59dde86dafe9734166f201aae8a5d1837ac262fc0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in tabullate (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-1914 Malicious code in tabullate (PyPI)
--- -= Per source details. Do not edit below this line.=-...