MAL-2026-5519 Malicious code in requests-toolbelt-plus (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38c64ca050de4910f56bc4a652890b0a378082859cb62153762c6ae08b4b8eae The package impersonates the popular requests-toolbelt library but ships an empty requeststoolbeltplus/init.py and places its real logic in setup.py...

Malicious code in roboat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f04db4869c9e981873683b537f335c1f25c7c17c283315859699855a9c20816b During installation, the code attempts to download and start malware. Connected with the campaign based on the time correlation and other packages published by...

Malicious code in cloud-datasets (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7cbbef34e9c8a9e6db79ffb59dde86dafe9734166f201aae8a5d1837ac262fc0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-191908 Malicious code in tosa-serialization-lib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5badd7c7414eb1f6fbdf1934b42ffe74549daa74508afd092af853097170eb8e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in selfpongvisanvidia (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 3b5f0289b7fbe5371f082e3cba92de9985782cd8e4ae9da22db0912e71aed284 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in py-studyvmpyw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 33426fde62ec7abad65c46ecec38eeb6ccf617f113b948e5853f00c77d7802ad EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in py-libhydraed (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx e6dc1da8d61a1da67561383f7be0990180567576530f51dec9b608e438f133c9 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in py-intelosintosint (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c87e275958be06766e9541f951afc9033510fcb74a5e025319272de13d08a979 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in tplibpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx acea5cffaa2bc2837fc5d521d736f7d8a34af63cf9daa9e264a29a3c8ba5e2b5 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in proofgrand (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0c61e80509245ae8aebdf822b98f2c945c89adfa39216269bc5189552e7b290f EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...