9169 matches found
Malicious code in aphisherman (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6435 Malicious code in aphisherman (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in aphisher (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in aistac-foundation (PyPI)
--- -= Per source details. Do not edit below this line.=-...
After a successful phishing attack, new versions of `num2words` were published containing malware.
The num2words project was compromised via a phishing attackand two new versions were uploaded to PyPI containing malicious code.The affected versions have been removed from PyPI,and users are advised to remove the affected versions from their environments...
MAL-2025-191828 Malicious code in prof-tg-to-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e590e0ed82342410566d6866a770346dcbe14dc6f93bc6294d245148d6c28a51 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-41789 Malicious code in trongridperm (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eb2deee7747ccb12e0b2da45c212a0678fc8a3f02bf72b8aba4508ae70e3e26a Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in maxload (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09b392bd35def14bcd622e3863dec62ba92d26ef152cc81e657cb2c2194b93a8 Running the module downloads, configure its startup and starts a remote executable. The exe is capable of sending files to a hardcoded Telegram channel, but th...
MAL-2025-41701 Malicious code in maxload (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09b392bd35def14bcd622e3863dec62ba92d26ef152cc81e657cb2c2194b93a8 Running the module downloads, configure its startup and starts a remote executable. The exe is capable of sending files to a hardcoded Telegram channel, but th...
Malicious code in someeebbb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0fd59432f228380b77cbfb70e5a776f13b909d7be4b57ce72e270f41ac035ee0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-41764 Malicious code in someeebbb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0fd59432f228380b77cbfb70e5a776f13b909d7be4b57ce72e270f41ac035ee0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in triple-equal (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 10911ac4eed73695e2fe15b22983d481742de5688de5b3329d330daa2f88bba9 When imported, the package attempts to exfiltrate environment variables and basic user info --- Category: MALICIOUS - The campaign has clearly malicious intent...
MAL-2025-41786 Malicious code in triple-equal (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 10911ac4eed73695e2fe15b22983d481742de5688de5b3329d330daa2f88bba9 When imported, the package attempts to exfiltrate environment variables and basic user info --- Category: MALICIOUS - The campaign has clearly malicious intent...
Malicious code in testpackageroietest3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 88b61508de8bb1a4224db6f1b2c7f8784f678f59e6ecacfac77c0a7d3f0409df Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in testpackageroietest2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 540d9028178695a791b307758df0ac5dca1f6c77f19e12579e4b0745580f358d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-41775 Malicious code in testpackageroietest2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 540d9028178695a791b307758df0ac5dca1f6c77f19e12579e4b0745580f358d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in greater-than (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9287f16baf24f1b5d14e3cdae0ae58d583bcacfa0a19d78c41fc32b3fdce547c When imported, the package attempts to exfiltrate environment variables and basic user info --- Category: MALICIOUS - The campaign has clearly malicious intent...
MAL-2025-41681 Malicious code in greater-than (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9287f16baf24f1b5d14e3cdae0ae58d583bcacfa0a19d78c41fc32b3fdce547c When imported, the package attempts to exfiltrate environment variables and basic user info --- Category: MALICIOUS - The campaign has clearly malicious intent...
Malicious code in requires-python (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fa1ee2e2c3ead90338250a60177535b23b5f30016e1d06a5b944092cbc3305e7 When imported, the package attempts to exfiltrate environment variables and basic user info --- Category: MALICIOUS - The campaign has clearly malicious intent...
MAL-2025-41747 Malicious code in requires-python (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fa1ee2e2c3ead90338250a60177535b23b5f30016e1d06a5b944092cbc3305e7 When imported, the package attempts to exfiltrate environment variables and basic user info --- Category: MALICIOUS - The campaign has clearly malicious intent...