13252 matches found
Malicious code in faker-py123123thon (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fab9d41bcbc9a1625b625705433588c2bc1d08ca71e57783cc29b74bc76ddeba Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191625 Malicious code in faker-py123123thon (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fab9d41bcbc9a1625b625705433588c2bc1d08ca71e57783cc29b74bc76ddeba Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-49320 Malicious code in python-requirements-inspector (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8f26b5cd7ab7cb6a847edc1afec2dc496ac0f0bd3f592f2a98391365298c4fc6 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
EUVD-2025-37448
Malicious code in python-requirements-inspector PyPI...
EUVD-2025-37449
Malicious code in faker-python PyPI...
Malicious code in krisp-audio (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1940a2f9c0907fd633cc07fcc96fad89f2e4c55cbd38d5fe8df09d1c4048c906 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191643 Malicious code in krisp-audio (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1940a2f9c0907fd633cc07fcc96fad89f2e4c55cbd38d5fe8df09d1c4048c906 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191756 Malicious code in hexdecimal (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c76fe38c65db757a8e7f52d36acea2c85ea223e1342e513c0eb2115b19da7bcb Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
OPENSUSE-SU-2025:15696-1 python311-starlette-0.49.1-1.1 on GA media
These are all security issues fixed in the python311-starlette-0.49.1-1.1 package on the GA media of openSUSE Tumbleweed...
Malicious code in pygments-richstyle (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a965f61b1e51e6c96a8987633eaf2f23001320e4c6b884c33603230c66798e74 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
MAL-2025-191654 Malicious code in pygments-richstyle (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a965f61b1e51e6c96a8987633eaf2f23001320e4c6b884c33603230c66798e74 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
Malicious code in richx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 924fa9cf3bc0754ab76a7b5960deb5b7295f4f0f3270cc5724214bdd7d543675 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
MAL-2025-191658 Malicious code in richx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 924fa9cf3bc0754ab76a7b5960deb5b7295f4f0f3270cc5724214bdd7d543675 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
Malicious code in speed-testing-nt (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dcfc1b92868e7f4eef0f4c0e901418a557089fe5269a1e4ef07725d397cddbb3 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
MAL-2025-191874 Malicious code in speed-testing-nt (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dcfc1b92868e7f4eef0f4c0e901418a557089fe5269a1e4ef07725d397cddbb3 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
adpred (=1.3.2), bacpipe (>=1.2.0 <=1.3.2.dev0) +14 more potentially affected by CVE-2025-12060 +1 more via keras (>=3.0.0 <=3.11.3)
keras PYPI version =3.0.0, =1.2.0, =0.1.0, =0.0.4, =0.4.7, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =0.1.0, =0.1.1, =1.1.0, =1.10.0 and more Source cves: CVE-2025-12060, CVE-2025-4517 Source advisory: SNYK:PYTHON-KERAS-13786416...
Malicious code in install-all-setup (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 519885ab1e79055139dd279d8e9bf603b4f1d0c0f3f6d3c90231c934f26bbb60 Package downloads and runs an obfuscated bat file, which executes malicious activity according to VirusTotal results. --- Category: MALICIOUS - The campaign ha...
MAL-2025-191640 Malicious code in install-all-setup (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 519885ab1e79055139dd279d8e9bf603b4f1d0c0f3f6d3c90231c934f26bbb60 Package downloads and runs an obfuscated bat file, which executes malicious activity according to VirusTotal results. --- Category: MALICIOUS - The campaign ha...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in platform-python-setuptools python3-setuptools-wheel setuptools
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in platform-python-setuptools python3-setuptools-wheel setuptools Vulnerability Details CVEID:CVE-2025-47273 DESCRIPTION: setuptools is a package that allows users to download, build, install, upgrade,...
aenvironment (=0.1.7rc1), agentic-ai-engineering-course (>=0.4.6 <=0.4.7) +164 more potentially affected by CVE-2025-62800 via fastmcp (>=2.0.0 <=2.12.5)
fastmcp PYPI version =2.0.0, =0.4.6, =1.8.0, =3.2.0, =3.2.0, =4.2.2, =3.0.2, =0.2.7, =1.0.0rc1, =0.2.7, =1.7.3, =0.1.12, =0.9.30, =0.14.3, =0.18.5 and more Source cves: CVE-2025-62800 Source advisory: SNYK:PYTHON-FASTMCP-13746462...