Malicious code in pylibcugraph (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b298ab8786b687f39d3ce25f6a69effd415c27b384fa23bc45c5fdf640448105 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-191835 Malicious code in pylibcugraph (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b298ab8786b687f39d3ce25f6a69effd415c27b384fa23bc45c5fdf640448105 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in quicksort-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d58062fd8cad559810255c4386b2acbeda83096e2999ea1172b10d0d7af008cb Importing the module downloads and executes an executable with malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

MAL-2025-191850 Malicious code in quicksort-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d58062fd8cad559810255c4386b2acbeda83096e2999ea1172b10d0d7af008cb Importing the module downloads and executes an executable with malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

Malicious code in morosint (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2118ab70535d0272c108e5a454745ae83d10cd3421d5989984ab961b348367b5 Importing the module starts exfiltrating Discord tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

MAL-2025-191841 Malicious code in python-rootpath (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bb867560d676e7b79ce110b230906a9630feb223cbcb6072bff5a2636c60a3c7 Hidden code downloads, saves and import a remote script. The package itself is a clone of a legitimate "rootpath". At the time of analysis, the remote script d...

Malicious code in google-cloud-iam-credentials (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e75faf49c379401db38883bfb490edbc74161e0d52d38f6aac38f6166645133a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

OPENSUSE-SU-2025:15731-1 python311-Brotli-1.2.0-1.1 on GA media

These are all security issues fixed in the python311-Brotli-1.2.0-1.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2025-72747

Malicious code in zestypythonz3n npm...

Malicious code in llmboost-hub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 644589899c04664f0638a5eb5d08755b21fddf2d0772259d0f8859a65586be3b This package executes an obfuscated payload embedded within a license-checking module...

MAL-2025-112503 Malicious code in llmboost-hub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 644589899c04664f0638a5eb5d08755b21fddf2d0772259d0f8859a65586be3b This package executes an obfuscated payload embedded within a license-checking module...

sfx (=0.1.0) potentially affected by CVE-2025-64183 via openexr (=3.2.4)

openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2025-64183 Source advisory: SNYK:PYTHON-OPENEXR-13877098...

MAL-2025-191713 Malicious code in db-aggregator-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 aed54ed734902c1a5749b7861e2ad95cc2d8c71c78fa4b0167499f9a1b296f9f Importing the module downloads and starts an infostealer. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Malicious code in wei516-tpa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2ee2f69d608c9430677e3723e003b788f464ae688126d65199fc2936f1adfb0e Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

MAL-2025-191931 Malicious code in wei516-tpa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2ee2f69d608c9430677e3723e003b788f464ae688126d65199fc2936f1adfb0e Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

Malicious code in mcp-weather-full (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c12eff5425b0aa04547b3bbff3444c1d96ca3cf765fdc105d7b7ff9252c9afda Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

MAL-2025-191929 Malicious code in wei516-enconly (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e40931688b41ac8340ab8f27604ba32f1ea6e364df1e614343cbc4cf0df50e8 Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

MAL-2025-191925 Malicious code in wayspiritmcp-ppa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 efa23f0b46a88dcde4aa71c67cba31f46d0f8a9eef555daa0cbe4f2bd54d7a38 Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

Malicious code in wayspiritmcp-enconly (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b075eb7116e55dd48db0e026ce51a42ec4e7e1e100b4b68c8a42d4b35411f749 Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +254 more potentially affected by CVE-2025-64458 via django (>=5.0.0 <=5.1.13)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2025-64458 Source advisory: SNYK:PYTHON-DJANGO-13837025...