13250 matches found
MAL-2026-851 Malicious code in python-files-mod (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3f9a5cad398dbfcea1ea0ed1a7b20c678a67941581a4562aa92703ac86ee421a Disguised as file system manipulation library, the package hides an obfuscated code to communicate with a Telegram channel. Though the usage is not known at th...
Malicious code in ci-metadata-python-logging (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b2ec44231abe88a238f040c6ed291532c456a0f07e91b5966a76b5262526672d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in tablixs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46731b2531e50115b70ae49abbd4bd1abb55f364a4cc2d8234c749f750883359 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
MAL-2025-193013 Malicious code in tablixs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46731b2531e50115b70ae49abbd4bd1abb55f364a4cc2d8234c749f750883359 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
MAL-2026-850 Malicious code in ntoctfutils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f65404ba7442c7d16e3f569b7c84afc4d1df23f9497ac3a6101d5ec3c168956f Importing the module downloads and runs a remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in jsonconfig-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 883897a307b53ac17e981eac46b8d6f8c31d88fc2628c6d57c5f7f191ed84b81 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...
Malicious code in cryptowallethash (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4d493d3c40b5136dd3ffea29264cf1066247cda3a10094201b4f71554ae3e592 The package claims to calculate a hash value for usage in "cryptocurrency", but before returning the hash, it exfiltrates the plain value. --- Category:...
MAL-2026-846 Malicious code in cryptowallethash (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4d493d3c40b5136dd3ffea29264cf1066247cda3a10094201b4f71554ae3e592 The package claims to calculate a hash value for usage in "cryptocurrency", but before returning the hash, it exfiltrates the plain value. --- Category:...
Malicious code in gpu-discovery (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea1fffa4a4969c85232301df3c8d107642ac143fbf51600d166cfd2f8d536e10 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious Package
Overview bigpyx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview graphlibx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious code in rzr-home (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 14fb9c76cd89c8c46f6d961d450c57fcc5f454cd3ce67a53a1868ba36f66fec1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in amplify-python-logging (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2e12fee1c4154d81de6e4575af21aa6a760da4f5694746264a2de50e2c5782fe Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-841 Malicious code in lyroxpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9016ac99840c4d68028c7b724382974154c9bf75b410da9c6b4a75ff6d20b1f The package contains an embedded archive with an executable. When importing the module, the embedded archive is run as a module. Code inside extracts the...
MAL-2026-825 Malicious code in devtools-webhook-cicd-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 807557cb6ac51aece00eeb28f55b89815176c95172780dcdded46b667f843771 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...
Malicious code in ntoutils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 15b6e8b1974bbd5ee6ee5e5abe0619080d87644b200fd8fc410f70a2f23213ff Importing the module downloads and runs a remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-823 Malicious code in ntoutils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 15b6e8b1974bbd5ee6ee5e5abe0619080d87644b200fd8fc410f70a2f23213ff Importing the module downloads and runs a remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
[SECURITY] Fedora 43 Update: uv-0.9.30-2.fc43
An extremely fast Python package and project manager, written in Rust. Highlights: =E2=80=A2 A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twi ne, virtualenv, and more. =E2=80=A2 10-100x faster than pip. =E2=80=A2 Provides comprehensive project management, with a universal lockf...
Fedora: Security Advisory (FEDORA-2026-f5514402fd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Malicious code in thecorrectjames (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 53ae167216303d3e0d2eda2b5321b60fc5bf9431e16ae0caa507123ba45661a1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...