9169 matches found
Malicious code in just-test-framework (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ab2d45d38003a542b3db3afaf891f8269c46e7ac1c342c06148f8859a03bc00e Importing the module exfiltrates basic information using DNS queries. There is no other purpose of the package. --- Category: PROBABLYPENTEST - Packages lookin...
Malicious code in wdwq (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aefeaeba3d2b87141b1e79dbe4e4294e949aaaf9c07f87182bd20234d611bc66 Starting the module starts a Telegram bot client capable of exfiltrating files when requested --- Category: MALICIOUS - The campaign has clearly malicious...
MAL-2025-1005 Malicious code in wdwq (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aefeaeba3d2b87141b1e79dbe4e4294e949aaaf9c07f87182bd20234d611bc66 Starting the module starts a Telegram bot client capable of exfiltrating files when requested --- Category: MALICIOUS - The campaign has clearly malicious...
Malicious code in requetses (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d43e83ac1c0257aa1168edf9c20430524b46520f60a5f5a0c0e1c2040afa0c87 Under a typosquatting name there is a package prepared to exfiltrate photos from a phone, although it requires external trigger. --- Category: MALICIOUS - The...
MAL-2025-974 Malicious code in requetses (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d43e83ac1c0257aa1168edf9c20430524b46520f60a5f5a0c0e1c2040afa0c87 Under a typosquatting name there is a package prepared to exfiltrate photos from a phone, although it requires external trigger. --- Category: MALICIOUS - The...
Malicious code in hugginglega (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 50647cbe9ac6f4cf09b47c93b53cd292dc5d358f04f0efb1ccd5ba48dd58bc5d Importing the module downloads a script that then download and run an infected executable --- Category: MALICIOUS - The campaign has clearly malicious intent,...
MAL-2025-935 Malicious code in hugginglega (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 50647cbe9ac6f4cf09b47c93b53cd292dc5d358f04f0efb1ccd5ba48dd58bc5d Importing the module downloads a script that then download and run an infected executable --- Category: MALICIOUS - The campaign has clearly malicious intent,...
Malicious code in dscss (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron fb41535db040ebc6147f3cfe1bfc3f5638402e85fc889d78d6101814d6f4bc10 This package contains a highly obfuscated code and executes the code in a long hexadecimal string...
Malicious code in opshub (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b758593c8b18a483c8bb0309dd1e2bf37c40853f5c0a203327508c54de12bb56 Importing the module starts downloading and executing an Infostealer targeting browsers' and Discord data In first packages, there was a hidden line triggering...
Malicious code in oscontrol (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3ca9bc9d7a487115828ca20244ab570d82b479055acf3bc67da2387db377cc09 Importing the module starts downloading and executing an Infostealer targeting browsers' and Discord data In first packages, there was a hidden line triggering...
Malicious code in sysfunc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9dc5d09b08f080ad350524a6620877c69339aac5885f4ddb2cbaec68bfa2d3ee Importing the module starts downloading and executing an Infostealer targeting browsers' and Discord data In first packages, there was a hidden line triggering...
Malicious code in subsys-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cd448fe7b92604e9718438328baa70266ded0a4e0c105f7663c9256b6eeea18b Importing the module starts downloading and executing an Infostealer targeting browsers' and Discord data In first packages, there was a hidden line triggering...
MAL-2025-948 Malicious code in opshub (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b758593c8b18a483c8bb0309dd1e2bf37c40853f5c0a203327508c54de12bb56 Importing the module starts downloading and executing an Infostealer targeting browsers' and Discord data In first packages, there was a hidden line triggering...
MAL-2025-949 Malicious code in oscontrol (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3ca9bc9d7a487115828ca20244ab570d82b479055acf3bc67da2387db377cc09 Importing the module starts downloading and executing an Infostealer targeting browsers' and Discord data In first packages, there was a hidden line triggering...
MAL-2025-988 Malicious code in subsys-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cd448fe7b92604e9718438328baa70266ded0a4e0c105f7663c9256b6eeea18b Importing the module starts downloading and executing an Infostealer targeting browsers' and Discord data In first packages, there was a hidden line triggering...
MAL-2025-991 Malicious code in sysfunc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9dc5d09b08f080ad350524a6620877c69339aac5885f4ddb2cbaec68bfa2d3ee Importing the module starts downloading and executing an Infostealer targeting browsers' and Discord data In first packages, there was a hidden line triggering...
Malicious code in reqesst (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8e4a4682ad923d5e0f2e444487e5f42a4bae8d753ecd747f7b652e407f5cc32f Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...
Malicious code in reqiest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ae04fab0eca7fc7fee7494d9651df8a18dbe919cd8c0fa56522711b9f845aa25 Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...
Malicious code in flasl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 15f6805748d19912e476158c87c5c50c0f8b50bdfa82d8c6e24d996e7c38880c Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...
Malicious code in falask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 95241c523519ca2e69e19dc499161e38f895f76fb8f76114acf4d583d8288d66 Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...