9169 matches found
MAL-2025-5109 Malicious code in dbgpkg (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in colorizator (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in aliyun-ai-labs-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in csvvv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e157e7947b2537be3a2e7840eee2fc4fad72a65954af858d89095d73f1755c03 Importing downloads and starts a remote script. At the analysis time, the script did not contain malicious code. Package description states it's a security...
MAL-2025-6490 Malicious code in csvvv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e157e7947b2537be3a2e7840eee2fc4fad72a65954af858d89095d73f1755c03 Importing downloads and starts a remote script. At the analysis time, the script did not contain malicious code. Package description states it's a security...
Malicious code in syscachelib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c8aa87f03342830d082dcfd87dfce0528b19781902f9c9e56a7379046d8a1572 Importing the module starts a UAC bypass through fodhelper to run a privileged shell, and download and execute a remote file. --- Category: MALICIOUS - The...
MAL-2025-191942 Malicious code in zamino (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c9ada91851d5e9411f5c74d5ea595be092fc2e4d2e8f7f7c995b6fbb6bd90d00 Clones of libraries to access Aminoapps e.g. legitimate package amino.fix with added exfiltration of the given credentials --- Category: MALICIOUS - The campai...
Malicious code in my-fun-tools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6642f3653e49e0a80b7fadf4c06bc64cba8a1a359772f1c7a668888278348fd6 During installation, the obfuscated code attempts to insert a modified Python DLL and runs a code. --- Category: MALICIOUS - The campaign has clearly malicious...
Malicious code in robloxextra (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d4281a22f488970ba086ca475848dedc3db41f77d760a4c280356d1018480ccf Importing the module starts downloading multiple stages of obfuscated code, that e.g. adds itself to autostart. --- Category: MALICIOUS - The campaign has...
Malicious code in pyximport (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4495a2909bdab391f460c6671937fa60d164f745657520e43700b229f56faf0a While described as telemetry, importing the package attempts to send out some basic info as well as quite sensitive environmental variables. --- Category:...
Malicious code in atlasctf-21-prod-02 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 797236959adb77b5a2b6d687ba0dcd688ea1fff675136998f38fedc01c65fa89 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-00 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 14e4ae78e884590292b3a8ef6ebe2093e02ffc05d89f37718d9f2573e8a9e5e0 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-01 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 258b21be0ec08a121a4b506eb1cc9409d08b0cfecc9a2b995181dee57254afc7 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-03 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 374fe69b5719748c5255c0665469e0e45e3064884ece003a7fbfc56c04d3a93b On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-05 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7e008f819b27019b178836f9edea97e159c3c1f765d391800ea99f06a26ce20a On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-09 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3791e0b9977aa586d7ba5a0d388c28defe71ad86cb90f61d599f85d0e9584f73 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-10 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8cf35ee49ac01d6c8e0fa0ea6dcb0beaadce7091fe25be81c878fab6a0dbc419 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-11 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ece7411f662f1c3b05a8f6bbda7c94099f1e20acc383cefb69bc8195da83e86a On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-12 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40759a1334b288bf1b2454e5df32ae973986c6e210d3261bde56c16dfc2fab22 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-13 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 773b90b87addef84f41e3bec0ed50198f5217f97c58686c8700726e2c5911f39 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...