13252 matches found
Fedora: Security Advisory (FEDORA-2025-cf4edeb201)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Malicious code in aiohappyeyeball (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4026e5d61b51d8fb2688488995ad95c662a15084e5c4799b0e68d0962291056 Malicious copy of the legit aiohappyeyeballs package, the pycache/staggerd.pyc contains a suspicious binary content which seems not to be a valid PYC ---...
MAL-2025-191616 Malicious code in aiohappyeyeball (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4026e5d61b51d8fb2688488995ad95c662a15084e5c4799b0e68d0962291056 Malicious copy of the legit aiohappyeyeballs package, the pycache/staggerd.pyc contains a suspicious binary content which seems not to be a valid PYC ---...
MAL-2025-191632 Malicious code in httpserver-cache (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f48fad5068e7bfd86223ca6ef2fbf939ae684f2a4ae499f15f9cbe1e0cd9144d Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
Malicious code in httpserver-cache (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f48fad5068e7bfd86223ca6ef2fbf939ae684f2a4ae499f15f9cbe1e0cd9144d Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
Malicious code in donotinstall (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a0c56680f6f4db81ec1ad0691253d592055a3581b00e9c93e3dfd6d448b63212 Package contains obfuscated reverse shell. However, it connects with a local IP only, thus it's much more a test than a malicious action --- Category:...
MAL-2025-191622 Malicious code in donotinstall (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a0c56680f6f4db81ec1ad0691253d592055a3581b00e9c93e3dfd6d448b63212 Package contains obfuscated reverse shell. However, it connects with a local IP only, thus it's much more a test than a malicious action --- Category:...
Malicious code in syschecker (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 81ab746bf511a8c6c41c5776e5688c310a5255c65fda0fad65e31b1ed534dc91 Package downloads and runs an obfuscated bat file, which executes malicious activity according to VirusTotal results. --- Category: MALICIOUS - The campaign ha...
MAL-2025-191663 Malicious code in syschecker (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 81ab746bf511a8c6c41c5776e5688c310a5255c65fda0fad65e31b1ed534dc91 Package downloads and runs an obfuscated bat file, which executes malicious activity according to VirusTotal results. --- Category: MALICIOUS - The campaign ha...
MAL-2025-191665 Malicious code in windowsrequir (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b1e2404307bae09dee3c7fe01e272b488ca2da014d14ad2a740ed76c89634e8 Package downloads and runs an obfuscated bat file, which executes malicious activity according to VirusTotal results. --- Category: MALICIOUS - The campaign ha...
Malicious code in windowsrequir (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b1e2404307bae09dee3c7fe01e272b488ca2da014d14ad2a740ed76c89634e8 Package downloads and runs an obfuscated bat file, which executes malicious activity according to VirusTotal results. --- Category: MALICIOUS - The campaign ha...
Malicious code in hexdecli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 14b72d96ce6a8700ee188783d301dc5f37cd7182ac8082491a75c582184309e4 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-191630 Malicious code in hexdecli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 14b72d96ce6a8700ee188783d301dc5f37cd7182ac8082491a75c582184309e4 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in benign-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09477b048d84611002417894ccb3265d246be0156b096a8b47776960d45e9d3d Package hides an executable inside, and starts it when imported. The sandbox analysis shows only starting a calculator, which suggests it's a research attempt...
MAL-2025-191620 Malicious code in benign-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09477b048d84611002417894ccb3265d246be0156b096a8b47776960d45e9d3d Package hides an executable inside, and starts it when imported. The sandbox analysis shows only starting a calculator, which suggests it's a research attempt...
MAL-2025-191844 Malicious code in python3-autopep8 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 36e35b782ec2e15a96c4b7c9d9eb5bacbbf3ded26b6b3ee72f2f698b1622c241 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191878 Malicious code in statsapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5c59dd2732ec529321670e500c8b732a5641b361029fd435277a6f110d4c5286 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in ethaddrlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9dc2b3682a4269e98a57e232f473846d94e0c74209349b54e1ccc5c669110c47 Package claims to validate mnemonic, a sensitive part of cryptocurrency system. The responsible functions, however, send given data to a remote service, and no...
Malicious code in hexdecpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 246a48191e6ca40c12a29dfd6b4d14307b5f478f7cbec5f99fb96f12e78c89aa Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-191631 Malicious code in hexdecpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 246a48191e6ca40c12a29dfd6b4d14307b5f478f7cbec5f99fb96f12e78c89aa Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...