9169 matches found
MAL-2025-48906 Malicious code in tronkeeppy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 415a91c7ce521e9bd46c6e7343acc641436614a73a056c5663496697e4399825 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in tronkeep (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 381d538ed6a0fd0f9b5cd5fbbbd6423bb8f906d8974a297ac4173cf0df0026e9 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in hackerone-app-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7989720a786925f09101ea3e9ebce9bf8190a57a6401b6e46125a75ad160bc66 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-48892 Malicious code in hackerone-app-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7989720a786925f09101ea3e9ebce9bf8190a57a6401b6e46125a75ad160bc66 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-48888 Malicious code in consolergbcolor (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 04beefffad3b4018eda21173a10a1dbebd8127bd9870d86e31894c6be592e107 If used, the code attempts to take a photo using the computer's camera and exfiltrates it --- Category: MALICIOUS - The campaign has clearly malicious intent,...
AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
A new artificial intelligence AI-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Package Index PyPI repository, raising concerns that it could be repurposed by cybercriminals for malicious purposes. Dubbed Villager, the framewor...
Malicious code in mevguard (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46b2aa8c02569ef9c6bab8214553d7af8d7e1c1f3499324654bb30870832f6f5 The obfuscated code provides "initializesession" function that exfiltrates the provided argument. --- Category: MALICIOUS - The campaign has clearly malicious...
MAL-2025-47787 Malicious code in mevguard (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46b2aa8c02569ef9c6bab8214553d7af8d7e1c1f3499324654bb30870832f6f5 The obfuscated code provides "initializesession" function that exfiltrates the provided argument. --- Category: MALICIOUS - The campaign has clearly malicious...
Malicious code in tronkeypy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 15beba1021e7f60daed074087734c4a931b0b0d93695e6d1bf28aea909f41a80 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-47807 Malicious code in tronkeypy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 15beba1021e7f60daed074087734c4a931b0b0d93695e6d1bf28aea909f41a80 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in consolecolornew (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a54001c8462b9c69251a199f4e782ad084ccd11ad435aa785443af2590dc0f02 If used, the code attempts to take a photo using the computer's camera and exfiltrates it --- Category: MALICIOUS - The campaign has clearly malicious intent,...
MAL-2025-47754 Malicious code in consolecolornew (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a54001c8462b9c69251a199f4e782ad084ccd11ad435aa785443af2590dc0f02 If used, the code attempts to take a photo using the computer's camera and exfiltrates it --- Category: MALICIOUS - The campaign has clearly malicious intent,...
Malicious code in tronkeyspy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 762c52ac89d263a12b871d89f8eda658aaa6cc433251fb764ccc55d28e94f1e1 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-47808 Malicious code in tronkeyspy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 762c52ac89d263a12b871d89f8eda658aaa6cc433251fb764ccc55d28e94f1e1 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in zenomenallib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c6be0b94e3c9643885ae8893cd9523bd5ad735965a16a3df64a347bd38f8016 Package is prepared to exfiltrate sensitive files. Different packages use different places for the malicious code: it runs during importing the module, is plac...
MAL-2025-47814 Malicious code in zenomenallib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c6be0b94e3c9643885ae8893cd9523bd5ad735965a16a3df64a347bd38f8016 Package is prepared to exfiltrate sensitive files. Different packages use different places for the malicious code: it runs during importing the module, is plac...
Malicious code in denomenallib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 72b314dc6f8d89e09c9bdd5deae5f16e934e6cddcea9958ef20b43d1b7129154 Package is prepared to exfiltrate sensitive files. Different packages use different places for the malicious code: it runs during importing the module, is plac...
MAL-2025-191716 Malicious code in denomenallib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 72b314dc6f8d89e09c9bdd5deae5f16e934e6cddcea9958ef20b43d1b7129154 Package is prepared to exfiltrate sensitive files. Different packages use different places for the malicious code: it runs during importing the module, is plac...
MAL-2025-191817 Malicious code in private-evolution (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b0fcdd3ad61af1881ab9e5e8b9fb871a0e142868c0be585594fcd32b5f069f6c Package is just calling home and there is no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also anything th...
Malicious code in unicore (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d0c63e3dde8ac739b216a37381f04cd29e543075af8fb347b1685daf4a84e9d6 Package is just calling home and there is no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also anything th...