9169 matches found
Malicious code in dbgpkg (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in colorizator (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in aliyun-ai-labs-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in csvvv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e157e7947b2537be3a2e7840eee2fc4fad72a65954af858d89095d73f1755c03 Importing downloads and starts a remote script. At the analysis time, the script did not contain malicious code. Package description states it's a security...
MAL-2025-6490 Malicious code in csvvv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e157e7947b2537be3a2e7840eee2fc4fad72a65954af858d89095d73f1755c03 Importing downloads and starts a remote script. At the analysis time, the script did not contain malicious code. Package description states it's a security...
Malicious code in syscachelib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c8aa87f03342830d082dcfd87dfce0528b19781902f9c9e56a7379046d8a1572 Importing the module starts a UAC bypass through fodhelper to run a privileged shell, and download and execute a remote file. --- Category: MALICIOUS - The...
MAL-2025-191942 Malicious code in zamino (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c9ada91851d5e9411f5c74d5ea595be092fc2e4d2e8f7f7c995b6fbb6bd90d00 Clones of libraries to access Aminoapps e.g. legitimate package amino.fix with added exfiltration of the given credentials --- Category: MALICIOUS - The campai...
Malicious code in my-fun-tools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6642f3653e49e0a80b7fadf4c06bc64cba8a1a359772f1c7a668888278348fd6 During installation, the obfuscated code attempts to insert a modified Python DLL and runs a code. --- Category: MALICIOUS - The campaign has clearly malicious...
Malicious code in robloxextra (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d4281a22f488970ba086ca475848dedc3db41f77d760a4c280356d1018480ccf Importing the module starts downloading multiple stages of obfuscated code, that e.g. adds itself to autostart. --- Category: MALICIOUS - The campaign has...
Malicious code in pyximport (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4495a2909bdab391f460c6671937fa60d164f745657520e43700b229f56faf0a While described as telemetry, importing the package attempts to send out some basic info as well as quite sensitive environmental variables. --- Category:...
MAL-2025-6447 Malicious code in atlasctf-21-prod-10 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8cf35ee49ac01d6c8e0fa0ea6dcb0beaadce7091fe25be81c878fab6a0dbc419 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-21 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 79c8505b253779798971bd98108a76e3e9ba4a7a590fa35b73eef9782c70616d On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-07 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1311c7427b70eb825aa126794cd4b42d09c2e5775ceb1abbcb909f7a36bc22ec On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-06 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40700739340f4f0bb3e0439a94754cb868827b002cad84a1dfca90da1dfa032d On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-14 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 53e97c9ccd81536ef4d3b1aacb14600cc31b01f8bf00b53326458e485459c7e4 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-20 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ffe859775c26074cc4af620ba898f558fb64310ff0cd6ac1cb212700fadcb182 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-01 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 258b21be0ec08a121a4b506eb1cc9409d08b0cfecc9a2b995181dee57254afc7 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
MAL-2025-6441 Malicious code in atlasctf-21-prod-04 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 001a32ea254df328ea468b5f678beeac998089d5d28d365d4bd412f5b6839267 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-29 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3ae50dd887d083473a6316352191608a5075fa5abd83bd4b2bbd3e1e2273a4d4 On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in atlasctf-21-prod-05 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7e008f819b27019b178836f9edea97e159c3c1f765d391800ea99f06a26ce20a On installation or importing, the package attempts to exfiltrate some basic information, e.g. /etc/passwd --- Category: PROBABLYPENTEST - Packages looking like...