13263 matches found
MAL-2025-48892 Malicious code in hackerone-app-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7989720a786925f09101ea3e9ebce9bf8190a57a6401b6e46125a75ad160bc66 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in hackerone-app-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7989720a786925f09101ea3e9ebce9bf8190a57a6401b6e46125a75ad160bc66 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in veilcord-tls (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron aed8328880d0c346cc1c0c9d51602617be4ea88a7a23878b68164484949555b2 This package decodes a payload and executes it whenever it is imported. It seems to be targeting veilcord package users. Its contents are almost...
MAL-2025-47458 Malicious code in veilcord-tls (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron aed8328880d0c346cc1c0c9d51602617be4ea88a7a23878b68164484949555b2 This package decodes a payload and executes it whenever it is imported. It seems to be targeting veilcord package users. Its contents are almost...
RHEL 8 : python3 (RHSA-2025:15968)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15968 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...
MAL-2025-48888 Malicious code in consolergbcolor (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 04beefffad3b4018eda21173a10a1dbebd8127bd9870d86e31894c6be592e107 If used, the code attempts to take a photo using the computer's camera and exfiltrates it --- Category: MALICIOUS - The campaign has clearly malicious intent,...
Malicious code in consolergbcolor (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 04beefffad3b4018eda21173a10a1dbebd8127bd9870d86e31894c6be592e107 If used, the code attempts to take a photo using the computer's camera and exfiltrates it --- Category: MALICIOUS - The campaign has clearly malicious intent,...
MAL-2025-191678 Malicious code in amd-taichi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4f9a360052987b7df8a2686b98678789e6699d7f6592a2191a5d6346a7897d7d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
A new artificial intelligence AI-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Package Index PyPI repository, raising concerns that it could be repurposed by cybercriminals for malicious purposes. Dubbed Villager, the framewor...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1761 more potentially affected by CVE-2025-6051 via transformers (>=4.0.0 <=4.52.4)
transformers PYPI version =4.0.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.0.1, =0.1.2 and more Source cves: CVE-2025-6051 Source advisory: SNYK:PYTHON-TRANSFORMERS-12670879...
Malicious code in mevguard (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46b2aa8c02569ef9c6bab8214553d7af8d7e1c1f3499324654bb30870832f6f5 The obfuscated code provides "initializesession" function that exfiltrates the provided argument. --- Category: MALICIOUS - The campaign has clearly malicious...
MAL-2025-47787 Malicious code in mevguard (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46b2aa8c02569ef9c6bab8214553d7af8d7e1c1f3499324654bb30870832f6f5 The obfuscated code provides "initializesession" function that exfiltrates the provided argument. --- Category: MALICIOUS - The campaign has clearly malicious...
MAL-2025-191815 Malicious code in pokemon-app-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f6c79d8e736c89d71abb3438a63c2b22868d2a31b61125c1f641c53fb0da2909 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in datetime-zones (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d1a3d123441a30b70e5c3317307e99636ac6d13c589e7fb1ae0253a6aaa96aaf During import, environment variables are exfiltrated --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in tronkeypy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 15beba1021e7f60daed074087734c4a931b0b0d93695e6d1bf28aea909f41a80 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-47807 Malicious code in tronkeypy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 15beba1021e7f60daed074087734c4a931b0b0d93695e6d1bf28aea909f41a80 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in consolecolornew (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a54001c8462b9c69251a199f4e782ad084ccd11ad435aa785443af2590dc0f02 If used, the code attempts to take a photo using the computer's camera and exfiltrates it --- Category: MALICIOUS - The campaign has clearly malicious intent,...
MAL-2025-47754 Malicious code in consolecolornew (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a54001c8462b9c69251a199f4e782ad084ccd11ad435aa785443af2590dc0f02 If used, the code attempts to take a photo using the computer's camera and exfiltrates it --- Category: MALICIOUS - The campaign has clearly malicious intent,...
Malicious code in tronkeyspy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 762c52ac89d263a12b871d89f8eda658aaa6cc433251fb764ccc55d28e94f1e1 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-47808 Malicious code in tronkeyspy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 762c52ac89d263a12b871d89f8eda658aaa6cc433251fb764ccc55d28e94f1e1 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...