13252 matches found
MAL-2025-191812 Malicious code in peptest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1230d903d5782f1a6d2d779ada368260f2c32d9e4f74bfd3ddd8f4df9c570572 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in siitoogether (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6fccd687f1acb55e6da0782b08ef14b3e8be5587dee4743a163a106c48390a50 Importing the module starts an RAT-like process capable of execute remote commands, with the C2 through Discord --- Category: MALICIOUS - The campaign has...
OPENSUSE-SU-2025:15750-1 python313-3.13.9-2.1 on GA media
These are all security issues fixed in the python313-3.13.9-2.1 package on the GA media of openSUSE Tumbleweed...
Malicious code in sitoogether (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09dd85c25ad8d35e40f8afc89c4a7f0322beb48a72db826b13c2142810460ac9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191686 Malicious code in aws-enumerateiam (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c108190780b32337fdce8748948935ac4229f0236710653f363b80a95dfbcd17 Before creating the boto3 client, package exfiltrates user's credentials. In this version, the exfiltrating is masked as connecting to an AWS component. The UR...
django-ninja-aio-crud (>=1.0.5 <=2.25.0) potentially affected by CVE-2025-65015 via joserfc (=1.4.1)
joserfc PYPI version =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on joserfc and may be impacted: - django-ninja-aio-crud =1.0.5, =2.25.0 Source cves: CVE-2025-65015 Source advisory: SNYK:PYTHON-JOSERFC-14052498...
Malicious code in requtils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 58a7ebfdccf4fd67fac4e6a3c3183918f4682e004468286a5675622ae6fc35c5 Package attempts to automatically exfiltrate API keys --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
swift-scality-backend (=0.4.4) potentially affected by CVE-2025-65073 via swift (=2.37.1)
swift PYPI version =2.37.1 is affected by a known vulnerability. The following packages have a transitive dependency on swift and may be impacted: - swift-scality-backend =0.4.4 Source cves: CVE-2025-65073 Source advisory: SNYK:PYTHON-SWIFT-14038401...
nfstream 6.5.4
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...
Malicious code in perfviewer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea912a2de677fa6d9ea6dbf9a792dace4d927efd46a5cb615ba8548fec4930e8 During installation, code downloads and starts an executable and a DLL library. After starting them, files are removed from the disk. The executable has been...
Malicious code in hexadecpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e553647ff67ec6e0339b5de8038f9522494a1200e0437156eee7674d5a29ef21 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-191754 Malicious code in hexadecpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e553647ff67ec6e0339b5de8038f9522494a1200e0437156eee7674d5a29ef21 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
EUVD-2025-26450
A vulnerability was found in SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2. This issue affects some unknown processing of the file apps/sim/app/api/proxy/image/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit...
Malicious code in d1n0-exploit-aaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64210508ed5694fbb8abfa75dbca12a3f6a0ebc0b653866d6fd01de23cdc5170 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
MAL-2025-191710 Malicious code in d1n0-exploit-aaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64210508ed5694fbb8abfa75dbca12a3f6a0ebc0b653866d6fd01de23cdc5170 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
MAL-2025-191791 Malicious code in minemeld-core (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dfe7b8c00b3748b3fe38ffdf3bd69558abb58091ee3347d47003929976ceb457 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191711 Malicious code in d1n0exploitaaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ecd01d9010a3e9192c6636d4ddefa1e493438b1bbf65002e8daf6a014067692 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...
Malicious code in hexadec (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f9d0ae8ccf24a6f5bfc3a0d5e39a983576d6edb2c64d9fe31fcb758236a4aa25 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-191937 Malicious code in xsltproc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9038d06e907a027d385f7ef9111815ca61e7b26fce85196a549c20e02447adc4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Mageia: Security Advisory (MGASA-2025-0289)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...