9169 matches found
Malicious code in nerst (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ac5aa6644938e09002e1da1848fe502aad6e6f7c7733210529238eacd6bfb5a0 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in baibitmf (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8d93b26a0f284c5d1c8c947e71598235be7de5ec89c7da775b88d410436e33ae A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in v2xlm-gml (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7fbdd4767b759c720bb13db759299986734471ff1064c52f7d25110c8e9aa617 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in lightsequ (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 982a9ec66c32a78f5829a04aa08e2f9d29f03f317b6a69b6ae0cc1e2d8b02c17 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious Package
Overview youreallydontwantthispackage2131 is a malicious package. This library contains malicious code and was removed from the package manager PyPi Remediation Avoid using all malicious instances of the youreallydontwantthispackage2131 package...
Malicious code in kekiktaban (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 80c5f1e8e195c782d87e63c2bfc7eac3febe17836c3d502594ea10524f97464e Obfuscated package containing multiple techniques detecting sandboxing and exfiltrating basic data to a telegram webhook, with a little other functionality ---...
MAL-2024-11620 Malicious code in kekiktaban (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 80c5f1e8e195c782d87e63c2bfc7eac3febe17836c3d502594ea10524f97464e Obfuscated package containing multiple techniques detecting sandboxing and exfiltrating basic data to a telegram webhook, with a little other functionality ---...
Malicious code in pplgdfhuighsdfyisfdty (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a6da12f1a169dc997d18e49311bb47be99e753dca10106e2bde591c0618268d1 Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...
Malicious code in pplgdfhuighsdfyisfdty2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b38f6d0da39d944ddde3bda8742a42099398148ad778fb06fe57e6a3274ea2e8 Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...
Malicious code in fidnffvvbfhghghhhh (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 53e1b3f1fc19bbc10acfd813b8839f3831cc7624906c54a8ea4ca6a2d2706877 Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...
Malicious code in gal32fjdsbf89hnd (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 289d4debca52d2f6a1dd07428abe588fa5857d09a6726740ba061b260d24de8b Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...
MAL-2024-11598 Malicious code in gal32fjdsbf89hnd (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 289d4debca52d2f6a1dd07428abe588fa5857d09a6726740ba061b260d24de8b Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...
MAL-2024-11596 Malicious code in fidnffvvbfhghghhhh (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 53e1b3f1fc19bbc10acfd813b8839f3831cc7624906c54a8ea4ca6a2d2706877 Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...
MAL-2024-11661 Malicious code in pplgdfhuighsdfyisfdty (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a6da12f1a169dc997d18e49311bb47be99e753dca10106e2bde591c0618268d1 Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...
Malicious code in huangpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a914c7e2cc097ba21e12b61f176cefd1971bb2a38f3b5fe2e81038e143f27da9 Importing the module starts an infostealer attempting to exfiltrate webbrowsers' data to a Telegram webhook. --- Category: MALICIOUS - The campaign has clearly...
MAL-2024-11610 Malicious code in huangpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a914c7e2cc097ba21e12b61f176cefd1971bb2a38f3b5fe2e81038e143f27da9 Importing the module starts an infostealer attempting to exfiltrate webbrowsers' data to a Telegram webhook. --- Category: MALICIOUS - The campaign has clearly...
Malicious code in j5gerggnpuiwerbngpiutbgn0iutb0p (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3b948e846f1817c6c72336ef38aac1149d25e0e40dc903eef60f7af4f3625e1f According to the description, packages should demonstrate the dependency confusion attack. The realisation is, in fact, a spamming with packages having as the...
Malicious code in j5gnpuiwerbngpiutbgn0iutb0pfwef (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 51f6d35c5375794ab0e1fdb23c00c2a82ad0e3d9e5731031a652d9e3a8766a9a According to the description, packages should demonstrate the dependency confusion attack. The realisation is, in fact, a spamming with packages having as the...
Malicious code in ggghhhrrr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 28a551f5605f075f623a22621731c74e18e92b9e3eafef6d876457301fbeee20 According to the description, packages should demonstrate the dependency confusion attack. The realisation is, in fact, a spamming with packages having as the...
Malicious code in j5gnpfweguiwerbngpiutbgn0iutb0pfwfef (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 41b992b1717ae4c37710bfcb4b86d013ca8f3eb95dc9e06f47bdd813010db976 According to the description, packages should demonstrate the dependency confusion attack. The realisation is, in fact, a spamming with packages having as the...