EUVD-2025-200127
Malicious code in tablates PyPI...
MAL-2025-191840 Malicious code in python-doenv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 79b018c186e337070650421bdaa82bd65d50d3cd29ebd457349059e7bb5ddc46 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191662 Malicious code in starexx (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-191660 Malicious code in rsa2026 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-191656 Malicious code in realstarexx (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-191639 Malicious code in imad213insta (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in hexdeclink (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4df8ddadb082a2d285b508fc17356d22ef0375649424cc39d9b08a9e32ab6684 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
BackportBench: A Multilingual Benchmark for Automated Backporting of Patches
Many modern software projects evolve rapidly to incorporate new features and security patches. It is important for users to update their dependencies to safer versions, but many still use older, vulnerable package versions because upgrading can be difficult and may break their existing codebase...
MAL-2025-191699 Malicious code in chat-prompt-logger (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f25a736985f5c0bb50156fdc7de61e976b16416f42c44a2682b5ce718401383b The package provides a logger of LLM prompts that at the same time looks for hidden instructions and executes them. --- Category: MALICIOUS - The campaign has...
Malicious code in logguru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain compromise on the Python Package Index PyPI via a domain takeover attack. Software supply chain security company ReversingLabs said it found the "vulnerabilit...
CVE-2025-66371
CVE-2025-66371 affects Peppol-py prior to 1.1.1. The issue is an XXE vulnerability caused by Saxon configuration that allows the XML parser to read local files during XML-based invoice validation, potentially exposing content to a remote host. Multiple sources (RedHat, CIRCL, OSV, NVD, Snyk, CNNV...
OPENSUSE-SU-2025:15787-1 python311-salt-3006.0-52.1 on GA media
These are all security issues fixed in the python311-salt-3006.0-52.1 package on the GA media of openSUSE Tumbleweed...
Malicious code in discord-selfsbotsx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b56aa48c0654abd06a9d624b8c1b5ab4ce170399068d97b994bb4d63635bf18a Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...