Malicious code in guiad (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 89a83ee64238bd21afc798da5fdbee6dfa1249e24326fabeb6dcf62af86f7c3a EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in minepost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 76bee5f785c0dcbc6f491fd4a0e55026a0642ca1239e2490a228e4cd052f7082 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in grandurl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c79a2a8050c68b81599a731575a18aa80a6a035a57fe944a6d3c69e7841f7b60 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in infopost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 50286e0443c5cda90c4b2e70923670db18925f2f02ced361eb21d5961a7129f2 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in guicpu (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5763563ba13a086b29e12df7d4fd3c24c5c1fe3c2b925eccb4e69ce0a395f749 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

3lc (>=2.3.84 <=2.6.4), aiocronjob (>=0.6.0 <=0.7.0) +10 more potentially affected by CVE-2023-25578 +1 more via starlite (>=1.39.0 <=1.51.16)

starlite PYPI version =1.39.0, =2.3.84, =0.6.0, =0.4.0, =0.5.1, =1.0.0, =0.1.0, =0.1.3, =1.0.0, =0.1.0, =0.8.1 - strawberry-graphql =0.168.0 Source cves: CVE-2023-25578, CVE-2024-52581 Source advisory: OSV:GHSA-P24M-863F-FM6Q...

a2grunnerp (>=0.1.0 <=0.1.8), a4t-sale-discount (=5.0.2) +1877 more potentially affected by CVE-2023-23934 via werkzeug (>=0.10.1 <=2.2.2)

werkzeug PYPI version =0.10.1, =0.1.0, =1.0.2, =0.10.3, =0.8.44.4, =4.2.0, =0.4.0, =0.9.2, =0.1.0, =1.5.2, =0.1.1, =0.1.2 and more Source cves: CVE-2023-23934 Source advisory: OSV:GHSA-PX8H-6QXV-M22Q...

a2grunnerp (>=0.1.0 <=0.1.8), a4t-sale-discount (=5.0.2) +1877 more potentially affected by CVE-2023-25577 via werkzeug (>=0.10.1 <=2.2.2)

werkzeug PYPI version =0.10.1, =0.1.0, =1.0.2, =0.10.3, =0.8.44.4, =4.2.0, =0.4.0, =0.9.2, =0.1.0, =1.5.2, =0.1.1, =0.1.2 and more Source cves: CVE-2023-25577 Source advisory: OSV:GHSA-XG9F-G7G7-2323...

a2grunnerp (>=0.1.0 <=0.1.8), a4t-sale-discount (=5.0.2) +1877 more potentially affected by CVE-2023-25577 via werkzeug (>=0.10.1 <=2.2.2)

werkzeug PYPI version =0.10.1, =0.1.0, =1.0.2, =0.10.3, =0.8.44.4, =4.2.0, =0.4.0, =0.9.2, =0.1.0, =1.5.2, =0.1.1, =0.1.2 and more Source cves: CVE-2023-25577 Source advisory: OSV:PYSEC-2023-58...

a2grunnerp (>=0.1.0 <=0.1.8), a4t-sale-discount (=5.0.2) +1877 more potentially affected by CVE-2023-23934 via werkzeug (>=0.10.1 <=2.2.2)

werkzeug PYPI version =0.10.1, =0.1.0, =1.0.2, =0.10.3, =0.8.44.4, =4.2.0, =0.4.0, =0.9.2, =0.1.0, =1.5.2, =0.1.1, =0.1.2 and more Source cves: CVE-2023-23934 Source advisory: OSV:PYSEC-2023-57...

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

Malicious actors have published more than 451 unique Python packages on the official Python Package Index PyPI repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a...

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

Malicious actors have published more than 451 unique Python packages on the official Python Package Index PyPI repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a...

Malicious code in tkcaelndar (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8c49be3ad2a45b16c6ad5922865a55eb1b6086e4af4f531855090f53be356741 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in tkcalenadr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b7cf03379278d5958cb3faa876beea8f932ec37224f21479165c81786494fec4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in beautifulsou (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx da2062b8d076556b32fa8c5c2755a46634ea891182547b05c2652a565021d825 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in beutifulsoup (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f1dfa0882ee26c021dbe459f69acb1c31a8f6141b5df94313b6e806deb2027ee Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in beautifusoup (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 3a6c340d387a9739780a2da49186b1349c0c82073cbe49bf70102e75cb1e55f2 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in beautiifulsoup (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 82247e42c982dcdd5b95e4b64462118db364fb0a98ecf109e4873d396f9e29fe Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in prompt-ttoolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 83a7c035b47cdee736e3de62713b91b185c29321810f07db52665cb4c7dcabdc Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in promtp-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7109d3f59807180ae0d2a0c29a60a87e8db5ca9ce59d7285827149f4e48047fe Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...