Malicious code in instascan-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 94d76fe0beb67ab3d875d659dac44b4650be6b8f5bbb4b43635c0fc2fa7b4af9 The package contains a module prepared to collect and exfiltrate user's files. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

EUVD-2026-4519

Malicious code in tableates PyPI...

Malicious code in tableates (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c69d9a3e244227f4e4146b60829ead907656c47989b3b83e1e5f56a2c06064ff Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

EUVD-2026-4520

Malicious code in tabletes PyPI...

EUVD-2026-4178

Malicious code in cflashfiles PyPI...

EUVD-2026-4181

Malicious code in icloud-recovery PyPI...

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

A new malicious package discovered in the Python Package Index PyPI has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts. The package, named sympy-dev , mimics SymPy, replicating the latter's projec...

EUVD-2026-4198

Malicious code in sympy-dev PyPI...

EUVD-2026-4199

Malicious code in icloudprocessor PyPI...

EUVD-2026-3701

Malicious code in ttam-ploy PyPI...

EUVD-2026-3702

Malicious code in code-transfering-3 PyPI...

EUVD-2026-3703

Malicious code in code-transfering-4 PyPI...

EUVD-2026-3705

Malicious code in 1q847 PyPI...

Malicious code in 1q847 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fe398aee3ca61989d1610e4b2edae183ef70d5fabc08709875ca9ef8725d82c5 Package contains two DLL libraries, one of them packed. Both are widely recognized as malware. The exact behavior is not known --- Category: MALICIOUS - The...

EUVD-2026-3706

Malicious code in xadauiom PyPI...

Malicious code in xadauiom (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64051fbf2528075ff707f512002bce043db1a535723bd677e6fcde0f53f7cafa Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

EUVD-2026-3708

Malicious code in spellcheckpy PyPI...

EUVD-2026-3716

Malicious code in coolpackage2323 PyPI...

CVE-2025-56005

An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile parameter in the yacc function. This parameter accepts a .pkl file that is deserialized with pickle.load without validation. Because pickle allows execution of embedded...

EUVD-2026-3496

Malicious code in spellcheckerpy PyPI...