9163 matches found

OSSF Malicious Packages
added 2023/02/09 6:21 p.m. · 2 views

Malicious code in ccxtt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6e773dfbf272510462161ef414375e503b05178db70661f62abc709494f507c0 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.7 AI score
Exploits: 0 · References: 1

OSSF Malicious Packages
added 2023/01/01 6:18 p.m. · 3 views

Malicious code in fredmi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 01c99c53e4554cc5799b0b94a6bd72836ccf768e513a2b299ccdc4d963603df6 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

7 AI score
Exploits: 0 · References: 1

Positive Technologies
added 2022/12/27 12:0 a.m. · 2 views

PT-2022-28245 · Sentinelone · Sentinelone

Name of the Vulnerable Software and Affected Versions: SentinelOne affected versions not specified. Description: Threat actors impersonated SentinelOne by uploading fake software development kits (SDKs) onto PyPI. These SDKs contained fully functional SentinelOne clients but also included malicious...

7 AI score
Exploits: 0 · References: 3

The Hacker News
added 2022/12/24 12:51 p.m. · 33 views

W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names

Threat actors have published yet another round of malicious packages to Python Package Index (PyPI) with the goal of delivering information-stealing malware on compromised developer machines. Interestingly, while the malware goes by a variety of names like ANGEL Stealer, Celestial Stealer, Fade...

0.5 AI score
Exploits: 0

hivepro
added 2022/12/23 10:22 a.m. · 13 views

Two Zero-day Supply Chain Attacks Found in the Python Package Index

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A zero-day supply chain attack called "aioconsol" was discovered on December 9, 2022 in a Python package published on the Python Package Index (PyPI) on December 6, 2022. All three versions of the package...

1.2 AI score
Exploits: 0

The Hacker News
added 2022/12/19 6:5 p.m. · 18 views

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak. The package, named SentinelOne and now taken...

0.3 AI score
Exploits: 0

PyPA
added 2022/11/07 3:15 p.m. · 6 views

PYSEC-2022-43109

The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0...

9.8 CVSS · 7.6 AI score · 0.01012 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

PyPA
added 2022/11/07 3:15 p.m. · 5 views

PYSEC-2022-43127

The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...

9.8 CVSS · 7.6 AI score · 0.00923 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

PyPA
added 2022/11/07 3:15 p.m. · 9 views

PYSEC-2022-43090

The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-dates package. The affected version of d8s-htm is 0.1.0...

8.8 CVSS · 7.6 AI score · 0.00972 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

PyPA
added 2022/11/07 3:15 p.m. · 5 views

PYSEC-2022-43085

The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-grammars package. The affected version of d8s-htm is 0.1.0...

9.8 CVSS · 7.6 AI score · 0.01012 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

Positive Technologies
added 2022/11/07 12:0 a.m. · 2 views

PT-2022-37352 · Pypi +1 · Democritus-Uuids +2

Name of the Vulnerable Software and Affected Versions: d8s-timer version not specified d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-timer for python distributed on PyPI. Another affected package is democritus-uuids...

9.8 CVSS · 7 AI score
Exploits: 0 · References: 4

Positive Technologies
added 2022/11/07 12:0 a.m. · 3 views

PT-2022-37353 · Pypi · D8S-Htm +2

Name of the Vulnerable Software and Affected Versions: d8s-timer version not specified d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party in the d8s-timer package distributed on PyPI. Additionally, the democritus-dates package also contains a...

8.8 CVSS · 7.5 AI score
Exploits: 0 · References: 4

Positive Technologies
added 2022/11/07 12:0 a.m. · 4 views

PT-2022-27092 · D8S-Htm +2 · D8S-Htm +2

Name of the Vulnerable Software and Affected Versions: d8s-htm version 0.1.0 democritus-math affected versions not specified Description: A potential code-execution backdoor was inserted by a third party into the d8s-stats for python distributed on PyPI. The democritus-math package also contains ...

9.8 CVSS · 9.6 AI score · 0.01012 EPSS
Exploits: 0 · References: 6

Positive Technologies
added 2022/11/07 12:0 a.m. · 3 views

PT-2022-37344 · Pypi · Democritus-Json +2

Name of the Vulnerable Software and Affected Versions: d8s-networking version not specified d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party in the d8s-networking package distributed on PyPI. Additionally, the democritus-json package also contai...

9.8 CVSS · 7.5 AI score
Exploits: 0 · References: 4

Positive Technologies
added 2022/11/07 12:0 a.m. · 3 views

PT-2022-37371 · Pypi +1 · Democritus-Json +2

Name of the Vulnerable Software and Affected Versions: d8s-networking version not specified d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-networking package for Python distributed on PyPI. Another affected package is...

9.8 CVSS · 7 AI score
Exploits: 0 · References: 4

Positive Technologies
added 2022/11/07 12:0 a.m. · 3 views

PT-2022-37345 · Pypi · D8S-Htm +2

Name of the Vulnerable Software and Affected Versions: d8s-networking affected versions not specified d8s-htm version 0.1.0 Description: A potential code-execution backdoor was inserted by a third party into the d8s-networking package for Python, distributed on PyPI. Another affected package is...

9.8 CVSS · 7.5 AI score
Exploits: 0 · References: 4

ATTACKERKB
added 2022/10/11 10:15 p.m. · 3 views

CVE-2022-42036

The d8s-urls package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...

9.8 CVSS · 5.8 AI score · 0.01168 EPSS
Exploits: 1 · References: 4

PyPA
added 2022/10/11 10:15 p.m. · 9 views

PYSEC-2022-43029

The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

9.8 CVSS · 7 AI score · 0.01168 EPSS
Exploits: 1 · References: 4 · Affected Software: 1

PyPA
added 2022/10/11 10:15 p.m. · 3 views

PYSEC-2022-43036

The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...

9.8 CVSS · 7 AI score · 0.01168 EPSS
Exploits: 1 · References: 4 · Affected Software: 1

PyPA
added 2022/10/11 10:15 p.m. · 5 views

PYSEC-2022-43024

The d8s-file-system package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0...

9.8 CVSS · 7 AI score · 0.01168 EPSS
Exploits: 1 · References: 4 · Affected Software: 1