9169 matches found
MAL-2025-3432 Malicious code in bbllaacckkwwoollff6ad8f751 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e88e848094db2d7414ceaf71a5a332701df9a17b145c137f0f5df76503847f90 During installation, the code either exfiltrate some information about the system or download and execute remote code --- Category: MALICIOUS - The campaign ha...
MAL-2025-3433 Malicious code in bbllaacckkwwoollff6ad8f752 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e1532a9577dc6edfd513dfbb1f189bc4cd08297e76c1f93bb2bf25ceaa210618 During installation, the code either exfiltrate some information about the system or download and execute remote code --- Category: MALICIOUS - The campaign ha...
Malicious code in codeoptimizer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ae236bbeace8d7b056d4827059bc1f4b6314e57e75827ce5a980ac9dfb991c2 On importing the module, there is an automated start of a Telegram bot capable of exfiltrating passwords from browsers, executing arbitrary commands and so on...
Malicious code in yolov8mini (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9222d20b84ed716d5bdf81f1da1d0f088fc7482894c8f25a5d1f757cc477ba9 On importing the module, there is an automated start of a Telegram bot capable of exfiltrating passwords from browsers, executing arbitrary commands and so on...
Malicious code in logax (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e129e6d6d38e21a039bd2190e3138f1381ad386e45a49521621a8b8ad61f7678 The package is capable of installing malware from a hardcoded URL. The malware is well-recognized and acts as infostealer. Interestingly, it uses Steam profile...
Malicious code in axonify (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 22991c04631c7553b040a72573bc7d0ad80886ab6bc834ac43f1e1611f85ea02 The package is capable of installing malware from a hardcoded URL. The malware is well-recognized and acts as infostealer. Interestingly, it uses Steam profile...
MAL-2025-3450 Malicious code in logax (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e129e6d6d38e21a039bd2190e3138f1381ad386e45a49521621a8b8ad61f7678 The package is capable of installing malware from a hardcoded URL. The malware is well-recognized and acts as infostealer. Interestingly, it uses Steam profile...
Malicious code in xcepthttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 98504a58d8dccbb3ea09cc521e14c9a64707763302db04111ad32eeba8616925 Importing the module starts downloading and executing first a script, and then a widely identified malware Packages are used as dependencies in a GitHub projec...
Malicious code in httpx-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d26dbf9fa1035b8b1e189f67123ee22f506cd21c08e17c282176a716af9da033 Importing the module starts downloading and executing first a script, and then a widely identified malware Packages are used as dependencies in a GitHub projec...
Malicious code in asynchttpx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5b8f233eae76de4578a7b30c6564338d644a7dfa1f59682337792de5ad13668f Importing the module starts downloading and executing first a script, and then a widely identified malware Packages are used as dependencies in a GitHub projec...
Malicious code in tlsclient3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 612e1a598a61304a9ae3550acb835ef5962f596bb74e857c2a035ba090e57dc4 Obfuscated code starts a multi-stage infection --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-2949 Malicious code in colorizetext (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 23bf8532a92e751d1429028961f8b21697466cf5938e629cd11105928584f017 Package has a hidden code starting an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in enquiry-exam (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 590114fe4174abb1ff72c06bf128aef53bd76a67eaeca5d5e891be001f6b0c17 Package contains a reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-03-certifications...
Malicious code in certifications (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7d51c9defecdd382c5048eb6f92b32558355b8457b2b5cd63f3d86e12e8ed35b Package contains a reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-03-certifications...
Malicious code in pythonhttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3ed5759c2260c5467724f053f3d59eac62f5491fc2d03350fef0a6f832652e3b Installing the package starts a heavily obfuscated Powershell Script that attempts to at least overwrite copied crypto wallets --- Category: MALICIOUS - The...
Malicious code in useragents (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-2008 Malicious code in usvr-agent (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7a3eac081596280531048d1ddd913b8c2f71c1ba50ab26ee062caa484ae0f4fe Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-2006 Malicious code in usar-agent (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in usar-agent (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in tronyx (PyPI)
--- -= Per source details. Do not edit below this line.=-...