9163 matches found

OSSF Malicious Packages
added 2025/12/01 12:54 p.m., 6 views

Malicious code in realstarexx (PyPI)

--- -= Per source details. Do not edit below this line.=-...

AI score: 7
Exploits: 0

OSV
added 2025/12/01 12:54 p.m., 2 views

MAL-2025-191656 Malicious code in realstarexx (PyPI)

--- -= Per source details. Do not edit below this line.=-...

AI score: 6.8
Exploits: 0

OSSF Malicious Packages
added 2025/12/01 12:54 p.m., 6 views

Malicious code in imad213insta (PyPI)

--- -= Per source details. Do not edit below this line.=-...

AI score: 7
Exploits: 0

OSV
added 2025/12/01 12:54 p.m., 2 views

MAL-2025-191639 Malicious code in imad213insta (PyPI)

--- -= Per source details. Do not edit below this line.=-...

AI score: 6.8
Exploits: 0

Packet Storm News
added 2025/12/01 12:00 a.m., 16 views

BackportBench: A Multilingual Benchmark for Automated Backporting of Patches

Many modern software projects evolve rapidly to incorporate new features and security patches. It is important for users to update their dependencies to safer versions, but many still use older, vulnerable package versions because upgrading can be difficult and may break their existing codebase...

AI score: 6.9
Exploits: 0

OSSF Malicious Packages
added 2025/11/30 12:34 a.m., 6 views

Malicious code in chat-prompt-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f25a736985f5c0bb50156fdc7de61e976b16416f42c44a2682b5ce718401383b The package provides a logger of LLM prompts that at the same time looks for hidden instructions and executes them. --- Category: MALICIOUS - The campaign has...

AI score: 7
Exploits: 0, References: 1

OSSF Malicious Packages
added 2025/11/29 10:54 a.m., 7 views

Malicious code in logguru (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...

AI score: 7.3
Exploits: 0, References: 3

The Hacker News
added 2025/11/28 4:27 p.m., 9 views

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index PyPI via a domain takeover attack. Software supply chain security company ReversingLabs said it found the "vulnerabilit...

CVSS: 9.8, AI score: 9.2, EPSS: 0.01535
Exploits: 1

OSSF Malicious Packages
added 2025/11/27 11:24 p.m., 7 views

Malicious code in discord-selfsbotsx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b56aa48c0654abd06a9d624b8c1b5ab4ce170399068d97b994bb4d63635bf18a Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

AI score: 7
Exploits: 0, References: 2

OSV
added 2025/11/27 7:09 a.m., 3 views

MAL-2025-191717 Malicious code in dev-server-python (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 77df2294feff074b86c685e622e69901b80eb16fdbf60eb785a026318d84788e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 7.2
Exploits: 0, References: 1

OSSF Malicious Packages
added 2025/11/27 7:07 a.m., 6 views

Malicious code in gptall (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d6c72f5a98f22bc22ef0ad7aef178f253ba95ebac54ba881f95762d4805f4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 7.3
Exploits: 0, References: 1

Packet Storm News
added 2025/11/27 12:00 a.m., 8 views

Exploring the SECURITY.md in the Dependency Chain: Preliminary Analysis of the PyPI Ecosystem

Security policies, such as SECURITY.md files, are now common in open-source projects. They help guide responsible vulnerability reporting and build trust among users and contributors. Despite their growing use, it is still unclear how these policies influence the structure and evolution of softwa...

AI score: 6.8
Exploits: 0

EUVD
added 2025/11/26 5:30 a.m., 4 views

EUVD-2025-199701

Malicious code in atlassian-praz PyPI...

AI score: 6.6
Exploits: 0

EUVD
added 2025/11/26 5:10 a.m., 3 views

EUVD-2025-199702

Malicious code in atlassian-exp PyPI...

AI score: 6.6
Exploits: 0

OSSF Malicious Packages
added 2025/11/26 5:10 a.m., 7 views

Malicious code in atlassian-exp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 802483ac3ec3749092037040a0a50ed9fa329232a832ac15fd5a0c692c42a9fd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

AI score: 7.3
Exploits: 0, References: 1

OSSF Malicious Packages
added 2025/11/25 3:05 p.m., 5 views

Malicious code in hexcon (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 191af8110082a90345db609c8f23d2313a5be68ec121742172f32cf3a1d5d905 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

AI score: 6.9
Exploits: 0, References: 2

Nvidia
added 2025/11/25 12:00 a.m., 15 views

Security Bulletin: NVIDIA NeMo Framework - November 2025

NVIDIA has released a software update for NVIDIA® NeMo Framework. To protect your system, clone or update this software to version 2.5.1 or later from NVIDIA/NeMo Framework on NVIDIA GitHub and pypi. Go to NVIDIA Product Security...

CVSS: 7.8, AI score: 7, EPSS: 0.00169
Exploits: 0, Affected Software: 1

OSV
added 2025/11/24 9:58 p.m., 5 views

MAL-2025-191675 Malicious code in aiostreams (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a6bc4c2d12a8ad24e8844bea0287de82e1e6ab24b08fb1f5ac983c0906a655d9 Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...

AI score: 7.1
Exploits: 0, References: 1

OSV
added 2025/11/24 6:34 a.m., 4 views

MAL-2025-191940 Malicious code in zakuchienne (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6cab2f6ce1c1eec52747b1f7057550b9b35d3c4f6d8c04b51e37afd47c1e5625 Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...

AI score: 7.1
Exploits: 0, References: 1

OSV
added 2025/11/23 4:18 p.m., 2 views

MAL-2025-191875 Malicious code in speed-testing-vps (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 227b3ee25e084b57a160b7287f80a8ab8da0559184c81b5e9cae1d03941ca51b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

AI score: 7
Exploits: 0, References: 2