9169 matches found
Malicious code in admcheck2 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in adv2099m (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in adm3 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in admcheck (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in adm4 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in a1rn (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in 90456984689490856 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in 4123 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in 233-misc (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in 3m-promo-gen-api (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in 1923tsl1 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in 191239aa (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in 1337test (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in tensorfioi (PyPI)
This package is considered malicious because it communicates with an unknown host via a Telegram channel...
Hackers Target Python Developers with Fake "Crytic-Compilers" Package on PyPI
Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index PyPI repository that's designed to deliver an information stealer called Lumma aka LummaC2. The package in question is crytic-compilers, a typosquatted version of a legitimate library named...
Malicious code in reqwestss (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1b49654324e091538657038a1288d05e2879c02d73bec38baeae681b0a26f5b9 The OpenSSF Package Analysis project identified 'reqwestss' @ 0.1.0 pypi as malicious. It is considered malicious because: - The package...
Cybercriminals Abuse Stack Overflow to Promote Malicious Python Package
Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index PyPI repository to facilitate cryptocurrency theft as part of a broader campaign. The package in question is pytoileur, which has been downloaded 316 times as of writing...
Malicious code in discord-react (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bc34a3a31bb6498c18b917bfd0c3049006f5c630220a45dbef402db8ef290775 The OpenSSF Package Analysis project identified 'discord-react' @ 0.0.0.1 pypi as malicious. It is considered malicious because: - The package...
Python's PyPI Reveals Its Secrets
GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in...
python3.11-pip bug fix and enhancement update
An update is available for python3.11-pip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list pip is a package management system used to install and manage software...