9169 matches found
MAL-2025-5126 Malicious code in readmecolorama (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4f74e374afe61cdaa52e0c651ae413abc94b50cd15de263a9d247de21bfc6fa1 Importing the module starts download and running a remote executable, identified as malware by AVs --- Category: MALICIOUS - The campaign has clearly malicious...
Malicious code in solana-trade (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e84e568bb86db442dd7d2e19e6fa1805ea10085d9926220d986941d87ca99259 Code exfiltrates the current python code and/or IPythonshell history --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in solana-live (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 edea0605b97d331d0da7af79c24a8875042687bf06aed9192f7cded40da09012 Code exfiltrates the current python code and/or IPythonshell history --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in dexscreener-charts (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46bedd3ee92a24c08ca1ab124f058e6b240b43c4cc9431ceccc8b2c050437b5e Code exfiltrates the current python code and/or IPythonshell history --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in sol-prices (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3d95d5a12e7c7a9753ed8a1612ade65f2e5775940dec3eadaefb47ec670bfc1d Code exfiltrates the current python code and/or IPythonshell history --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2025-5139 Malicious code in solana-trade (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e84e568bb86db442dd7d2e19e6fa1805ea10085d9926220d986941d87ca99259 Code exfiltrates the current python code and/or IPythonshell history --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
MAL-2025-5111 Malicious code in dexscreener-data (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 066a4d507cf7468384b144c7aa850b759abf3d38a02a609b42eed723f149f37a Code exfiltrates the current python code and/or IPythonshell history --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in coloraiz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dc4606b3e3f05632a889906f4c259e329a08308382fbc27329752eb8ea6a6c3c The package imitates colorama, and places a proxy object over the original colorama module that on every usage executes a remote code. The remote script instal...
MAL-2025-5102 Malicious code in coloraiz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dc4606b3e3f05632a889906f4c259e329a08308382fbc27329752eb8ea6a6c3c The package imitates colorama, and places a proxy object over the original colorama module that on every usage executes a remote code. The remote script instal...
Malicious code in pyfiglets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 66caa962e9fedf67dff7c9da840c4a4dcdca71f237d2e36f332f5b5bd32750bc Malicious clone of pyfiglet. Importing the package starts a series of downloading and executing of obfuscated malicious scripts, partially identified by AVs. -...
Malicious code in myownpyfiglet (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 feb59db3efc9397070b6fcdf08762e0defb77d34e5ababf463e3c1a7a1f5b927 Malicious clone of pyfiglet. Importing the package starts a series of downloading and executing of obfuscated malicious scripts, partially identified by AVs. -...
Malicious code in rich-figlet (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b97458c87c8580a9cb2f2edc0af2ae40a36489dafa860102eee0307256cb416b Malicious clone of pyfiglet. Importing the package starts a series of downloading and executing of obfuscated malicious scripts, partially identified by AVs. -...
MAL-2025-5130 Malicious code in rich-figlet (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b97458c87c8580a9cb2f2edc0af2ae40a36489dafa860102eee0307256cb416b Malicious clone of pyfiglet. Importing the package starts a series of downloading and executing of obfuscated malicious scripts, partially identified by AVs. -...
Malicious code in netpackat (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f0f971eaa8aa4f59d981802034020fcd9b7c6008c2e9ed41a868a9e3186e7eed Code download and runs an executable, which is widely recognized as malware. The system is also configured to run it on startup, and the file is saved in paths...
Malicious code in netspear (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 015d4e7a345166ce5767408055a810a394e59a8c40b1a3c459ee006efa647e0a Code download and runs an executable, which is widely recognized as malware. The system is also configured to run it on startup, and the file is saved in paths...
MAL-2025-5121 Malicious code in netspear (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 015d4e7a345166ce5767408055a810a394e59a8c40b1a3c459ee006efa647e0a Code download and runs an executable, which is widely recognized as malware. The system is also configured to run it on startup, and the file is saved in paths...
MAL-2025-5120 Malicious code in netpackat (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f0f971eaa8aa4f59d981802034020fcd9b7c6008c2e9ed41a868a9e3186e7eed Code download and runs an executable, which is widely recognized as malware. The system is also configured to run it on startup, and the file is saved in paths...
Malicious code in discorddox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 52f656f62a0fe1e90282cf7e8004bfd78e69a854e5e7a9c33ef72b7e5b43b831 The package contains an embedded malicious executable probably blank grabber started when running the module. Probably continuation of 2025-05-pydoxing ---...
MAL-2025-4219 Malicious code in free-internet-dns (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 80f5bbcb50f9c9699a083711bb4d59905b49a198ddcd8c95425030d01d6a45e5 Installing the package installs a backdoor a qsocket.io and automatically uploads access credentials from the output of the qsocket client to the remote server...
MAL-2025-4240 Malicious code in solana-test-suite (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 637014df713a194c727be0c3c8a6883b80fa29c7e66be089dd3bb82e49b915b4 Packages that seem to be created by a legit bug bounty hunter. Designed to look like created by different organisations, they contain a couple of data...