Malicious code in chicopute (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d495090103e9ff8ca138e9ad2b40556ce900f92d07ac058463eb58f42edacc85 Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...

Malicious code in aiostreams (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a6bc4c2d12a8ad24e8844bea0287de82e1e6ab24b08fb1f5ac983c0906a655d9 Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...

MAL-2025-191675 Malicious code in aiostreams (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a6bc4c2d12a8ad24e8844bea0287de82e1e6ab24b08fb1f5ac983c0906a655d9 Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...

Malicious code in evil-py-argo-shell (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1739dfc040a7678b086f2ca5bab22249fcea3774fbf83c70a40b6427d6a847ee Package demonstrate potentially malicious execution of system commands, and seems to be used for pentesting purposes --- Category: PROBABLYPENTEST - Packages...

MAL-2025-191722 Malicious code in evil-py-argo-shell (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1739dfc040a7678b086f2ca5bab22249fcea3774fbf83c70a40b6427d6a847ee Package demonstrate potentially malicious execution of system commands, and seems to be used for pentesting purposes --- Category: PROBABLYPENTEST - Packages...

Malicious code in mongland (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a003c7277ab04d5aec30eaa72b0f28b25c7534e6b036c381142300b3ac0bde9f Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...

MAL-2025-191940 Malicious code in zakuchienne (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6cab2f6ce1c1eec52747b1f7057550b9b35d3c4f6d8c04b51e37afd47c1e5625 Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...

MAL-2025-191790 Malicious code in mescouilles (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c081f74035c370212a2a4d7ab34d10ddc29fdb634e9cedfeeebd407e43b15fae Importing the module starts an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-mescouille...

MAL-2025-191894 Malicious code in testingpkgja (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0bd692e8fc46a3f43477d1f095e7c6e2b9666d2d2c60655ac91efd2be07f5193 Package downloads and starts an external executable. The executable starts the Windows calculator application. Considering this and the package description, th...

MAL-2025-191875 Malicious code in speed-testing-vps (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 227b3ee25e084b57a160b7287f80a8ab8da0559184c81b5e9cae1d03941ca51b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

MAL-2025-191792 Malicious code in minizip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 33ba100525dffc7a828e4b7384f862ff22dfb55d2e7d61a34c0d31ecdff64c10 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

Malicious code in hexdecnet (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4ca5c3aa5b553fffaca36241e0e3a6144c9b661b9e0cb77fd93ae34fc6b1ed7e Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

MAL-2025-191758 Malicious code in hexdecnet (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4ca5c3aa5b553fffaca36241e0e3a6144c9b661b9e0cb77fd93ae34fc6b1ed7e Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

MAL-2025-191919 Malicious code in uzip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ee20087db4a86ce68765ba8046732e8f1fc906c58a0303e836429a63788dc97f During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

MAL-2025-191674 Malicious code in aiogram-msgeffect (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 edd5a99e6d1cebb47e713991f08b50dee4b5bf93ae487f6adc446318ccdba6e7 Importing the module starts obfuscated code which then look for data related to some Telegram clients and attempt to exfiltrate them --- Category: MALICIOUS -...

MAL-2025-191805 Malicious code in nspacercesolve (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8a8c6f18d1f22d3d0f0b9902a176d91fdfe33270faea47c835a0078955b85914 During installation, the package looks for a flag file and exfiltrates it. Similar content is in the main file. There is no other purpose of the package ---...

MAL-2025-191897 Malicious code in tgeffect (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e254217ac113edcc1914bdfcda06509137ceed6a7441b3c846653d769335bcaa Importing the module starts obfuscated code which then look for data related to some Telegram clients and attempt to exfiltrate them --- Category: MALICIOUS -...

aggressor (=0.0.1a0), cartesia-mlx (=0.0.2) +13 more potentially affected by CVE-2025-62608 via mlx (>=0.0.4 <=0.29.2)

mlx PYPI version =0.0.4, =0.0.1, =0.6.0, =0.1.9, =0.4.2, =1.2.0, =0.0.0, =0.0.27, =0.0.1, =0.0.3a0 Source cves: CVE-2025-62608 Source advisory: OSV:PYSEC-2025-138...

Malicious code in peptest2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 60249233a6c88847f2043da362196e4b2652bd7dddb8dbfe92cc3e7b2b2676a9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-191813 Malicious code in peptest2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 60249233a6c88847f2043da362196e4b2652bd7dddb8dbfe92cc3e7b2b2676a9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...