13257 matches found
Malicious code in tronapisync (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2768edf78749b023b104efcbfcfedd4d2633480e8d19ee433d467e1b39d2b9ce Package is prepared to exfiltrate private keys, most probably for Tron cryptocurrency. There is no other purpose of the package --- Category: MALICIOUS - The...
MAL-2025-41787 Malicious code in tronapisync (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2768edf78749b023b104efcbfcfedd4d2633480e8d19ee433d467e1b39d2b9ce Package is prepared to exfiltrate private keys, most probably for Tron cryptocurrency. There is no other purpose of the package --- Category: MALICIOUS - The...
Security Bulletin: Multiple vulnerabilities in IBM Business Automation Workflow Machine Learning Server are addressed with 24.0.0-IF006
Summary In addition to updates to operating system level packages, IBM Business Automation Workflow Machine Learning Server 24.0.0-IF006 addresses the following vulnerabilities. Vulnerability Details CVEID:CVE-2024-47081 DESCRIPTION: Requests is a HTTP library. Due to a URL parsing issue, Request...
Malicious code in httpsyncer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3e9323dbc11b949e9970ead2dcc1c5a7f05348a977591f8c86027ee220c86b62 Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...
MAL-2025-41686 Malicious code in httpsyncer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3e9323dbc11b949e9970ead2dcc1c5a7f05348a977591f8c86027ee220c86b62 Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1759 more potentially affected by CVE-2025-5197 via transformers (>=4.0.0 <=4.52.4)
transformers PYPI version =4.0.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.0.1, =0.1.2 and more Source cves: CVE-2025-5197 Source advisory: SNYK:PYTHON-TRANSFORMERS-11501199...
Malicious code in num2words (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 36822c42f7e862f29cef9734efec9a9a9cc44a80e619e954dd25c12239d15767 The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code...
MAL-2025-41788 Malicious code in trongridapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b7421d70bdd0603758337ea36f6465ea98a4df7bd4c383661b11552866d0d411 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in discordsync (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0da96b494aac7775c3c7672d4d77137cbeb6be21294b7c332a21d0bf978d364e Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...
MAL-2025-41662 Malicious code in discordsync (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0da96b494aac7775c3c7672d4d77137cbeb6be21294b7c332a21d0bf978d364e Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...
MAL-2025-41781 Malicious code in thisisthedaventestz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d5f510bfda1aeb6999f77b06597e760e13d4058dab2a7f8620bf8c561db5d39c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in zhopaorlaaato (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 45a24b1a49c10f50578e74364357b8de8d31ee62b997c0db957bc0474c841fd7 Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...
MAL-2025-41802 Malicious code in zhopaorlaaato (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 45a24b1a49c10f50578e74364357b8de8d31ee62b997c0db957bc0474c841fd7 Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...
MAL-2025-47453 Malicious code in sisaws (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 0cc916986327ca493d55160fe841e48b756a40e030f59880874386e9e1e8a148 This package installs the SilentSync remote access trojan and allows remote code execution and data exfiltration. Windows machines are...
OPENSUSE-SU-2025:15409-1 python313-3.13.5-4.1 on GA media
These are all security issues fixed in the python313-3.13.5-4.1 package on the GA media of openSUSE Tumbleweed...
python39-3.9.23-4.1 on GA media (moderate)
python39-3.9.23-4.1 on GA media Announcement ID: openSUSE-SU-2025:15404-1 Rating: moderate Cross-References: CVE-2025-8194 CVSS scores: CVE-2025-8194 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-8194 SUSE : 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...
Malicious code in thisisthedaventest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f6701b95670bcfd620d23e4cc410957fb3cf0cc783ef0ab6d9f3ebe596ac8b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-41780 Malicious code in thisisthedaventest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f6701b95670bcfd620d23e4cc410957fb3cf0cc783ef0ab6d9f3ebe596ac8b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in totallysafe (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 772cdbb82e78ad30e8f4cb0bcdd45aaf61884da051a9998fd1c1431335d0eaf7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-41785 Malicious code in totallysafe (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 772cdbb82e78ad30e8f4cb0bcdd45aaf61884da051a9998fd1c1431335d0eaf7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...