13250 matches found
Malicious code in ctf-pipline-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 083eedb7c9187410d3470ab27415ee2e6a7683ef92bafce123198ce9882e07a4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-817 Malicious code in ctf-pipline-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 083eedb7c9187410d3470ab27415ee2e6a7683ef92bafce123198ce9882e07a4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in http-notifier-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 876fd5ae23d7c051fa55647bc5b152a7905505782e78ca9536b161318d2e000f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-814 Malicious code in http-notifier-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 876fd5ae23d7c051fa55647bc5b152a7905505782e78ca9536b161318d2e000f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in skydeo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6e44bfc09c7d974ae07443b4c6af6fd3e4566e7761755cc89ba810713d2b6482 Importing the module exfiltrates all environment variables --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2026-815 Malicious code in skydeo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6e44bfc09c7d974ae07443b4c6af6fd3e4566e7761755cc89ba810713d2b6482 Importing the module exfiltrates all environment variables --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Ubuntu: Security Advisory (USN-8018-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MAL-2026-813 Malicious code in teligram (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8090b17ada40e394e1d9df27c6fe6c22db7eed330f00e44ee1cc4d94bfbf3fef Package contains a Telegram bot for remote control of the machine. While this doesn't start automatically, this behavior is not disclosed by the package...
MAL-2026-812 Malicious code in hardixx-code (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c0eeb07f1a0f9149c6e22016d85bcc59e5d0bbbac9514fbef9a2ba0289bf75fe Version 1.0.2 introduced loading obfuscated code during importing the module. However, distributions uploaded to PyPI lack the necessary file storing the code...
Malicious code in grokwrapper (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a7ae896464be7f195243e35231a2435d0a1eb055cc7fa8cfaef707c7e11c55b2 During importing the module, package silently execute code hidden in an embedded config file, and downloads remote executable. It's then added to Run registry...
Malicious code in ccxt-bullish (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0729d9c3ad3f349ec626a97b7a265b1fd84f556bb1758af54adbc87bd29969f1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-809 Malicious code in ccxt-bullish (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0729d9c3ad3f349ec626a97b7a265b1fd84f556bb1758af54adbc87bd29969f1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
GHSA-4F84-67CV-QRV3 A single post-release of dydx-v4-client contained obfuscated multi-stage loader
A PyPI user account compromised by an attacker and was able to upload a malicious version 1.1.5.post1 of the dydx-v4-client package. This version contains a highly obfuscated multi-stage loader that ultimately executes malicious code on the host system. While the final payload is not visible...
A single post-release of dydx-v4-client contained obfuscated multi-stage loader
A PyPI user account compromised by an attacker and was able to upload a malicious version 1.1.5.post1 of the dydx-v4-client package. This version contains a highly obfuscated multi-stage loader that ultimately executes malicious code on the host system. While the final payload is not visible...
PYSEC-2026-1 A single post-release of dydx-v4-client contained obfuscated multi-stage loader
A PyPI user account compromised by an attacker and was able to upload a malicious version 1.1.5.post1 of the dydx-v4-client package. This version contains a highly obfuscated multi-stage loader that ultimately executes malicious code on the host system. While the final payload is not visible...
Malicious code in p7zip-full (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 af6725a21a64c36ce8e101fd062bb45cb87fdb8cb62df47538390c6c1fc4323c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index PyPI repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the tw...
MAL-2026-774 Malicious code in adminbypasser (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 867991d0e6c74f15c2f231c002867172a4e03044a328676cf9b2ec07a7e48f68 Package silently downloads remote code and adds its execution to the autostart. During analysis, the remote domain no longer existed. --- Category: MALICIOUS -...
CVE-2026-1299 affecting package python3 for versions less than 3.9.19-18
CVE-2026-1299 affecting package python3 for versions less than 3.9.19-18. A patched version of the package is available...
MAL-2026-766 Malicious code in greeter-pro-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 14dfc4441f09da7c2365f0bda8f0406dfbba98c6c127d94689f8acbbb0dafbed Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...