9163 matches found
MAL-2026-1896 Malicious code in bigmathix (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-1895 Malicious code in bigmathex (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in bigmathex (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in aitrade (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2026-1893 Malicious code in aitrade (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in rowrap (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 606ce541a3ef4a98e4e1639e96c6431e7ec83be6f987c640a63c03991eae4f6e The package hides code to download and start malicious script containing malware, identified as adware. The triggering method seems to be PTH file, although it...
Malicious code in robloxapi-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ff27677fd14eddf36fd58fee0bb539ef89fd596e83450c68f8dc0436350abfd6 Installation embeds a malicious PTH file that then during import downloads and executes remote code. During analysis, the remote code was a test starting...
Malicious code in color-list (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 86ffbba2d1825f76d4c2baa6a8b7ecbe85514239934a3d7903745d17d4baf704 Malicious code hidden in the color-list package uses the presence of pretty-tabulate as a trigger to load code hidden in likely a third malicious package...
MAL-2026-1437 Malicious code in flowpeek (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e79fec156ab781e041d49cebd6082ee113ef98ce53945dc1a949a3a8e96fa734 During import, the code starts the embedded executable. This executable is an information stealer extracting sensitive data to a Discord channel. --- Category:...
MAL-2026-1408 Malicious code in nai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9e4650a322afd07ff77c3f934248e52f477f2d1cebd0c84b1074bdba1142efe Package is a hacking tool that not only abuses 3rd-party services but also silently exfiltrates credentials the user uses to log in there. The provided account...
Malicious code in makenotion-ppetest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8a77a3e2f70388147c71ce781715204b49848f8a88c362506e14ecfbdff51208 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in falador (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1d66c45b27d4ff7595d8a13a91515450c248dc50a6531199f0254bbd9d6440bb During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...
MAL-2026-1339 Malicious code in anontest123 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f4d47757d3ee2d0dde7ed82934a06bf64343c344a7b090cf77f05dcd73f813a5 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2026-1340 Malicious code in safetest123 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 697641cf873581d63edc257a57ab2bef9e6662b8c6afbe7917fef190e539df39 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in demozecosse (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1fd7840785d53d90edc61c6138072f4ed7a01b35dd05d76d9d6f5343ec93bff7 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in demozecox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b32c6e6d2566a58b9a104d162c060982bff488fa547fb706c43553d0b7185ccb Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in demozecosso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ca3839025ccad67334436cff10b99fc2c407515ed2d9a4e146d11b253b356c8a Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in py-sysbench (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bcd34dcdc69398d2b97a0890cc550974824096b2844524f868505aa32032f147 Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...
GHSA-QR2G-P6Q7-W82M x402 SDK Security Advisory
Impact A security vulnerability exists in outdated versions of the x402 SDK. This vulnerability does not affect users' private keys, smart contracts, or funds. The issue impacts resource servers accepting payments on Solana when the facilitator is running a vulnerable version of the x402 SDK. Who...
Malicious code in flowfix (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 77c3304c8fcc8e0cdf2ac450babf481ff0ee3e93cb3c4213c6b4fa8d80cf4137 The package hides code to download and open remote content. The current code seems to be a bit broken as the final URL is not correct, but the code holds also...