Malicious code in postload (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9eecf916ef20a31cbf57f2d408d6e3c8f80fa9dd6292aa5ae614e017bed13858 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in getpyw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7acd8cf6fd74bcb907ac5b63892113ba00cb46e39d913724798340f5f65fbafd EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in grandpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4a21df4082a8a52f353e247b5def05e841490f639c043b98e2bb85fbf216343d EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in guiad (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 89a83ee64238bd21afc798da5fdbee6dfa1249e24326fabeb6dcf62af86f7c3a EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in minepost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 76bee5f785c0dcbc6f491fd4a0e55026a0642ca1239e2490a228e4cd052f7082 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in grandurl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c79a2a8050c68b81599a731575a18aa80a6a035a57fe944a6d3c69e7841f7b60 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in infopost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 50286e0443c5cda90c4b2e70923670db18925f2f02ced361eb21d5961a7129f2 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

Malicious code in guicpu (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5763563ba13a086b29e12df7d4fd3c24c5c1fe3c2b925eccb4e69ce0a395f749 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

3lc (>=2.3.84 <=2.6.4), aiocronjob (>=0.6.0 <=0.7.0) +10 more potentially affected by CVE-2023-25578 +1 more via starlite (>=1.39.0 <=1.51.16)

starlite PYPI version =1.39.0, =2.3.84, =0.6.0, =0.4.0, =0.5.1, =1.0.0, =0.1.0, =0.1.3, =1.0.0, =0.1.0, =0.8.1 - strawberry-graphql =0.168.0 Source cves: CVE-2023-25578, CVE-2024-52581 Source advisory: OSV:GHSA-P24M-863F-FM6Q...

a2grunnerp (>=0.1.0 <=0.1.8), a4t-sale-discount (=5.0.2) +1877 more potentially affected by CVE-2023-23934 via werkzeug (>=0.10.1 <=2.2.2)

werkzeug PYPI version =0.10.1, =0.1.0, =1.0.2, =0.10.3, =0.8.44.4, =4.2.0, =0.4.0, =0.9.2, =0.1.0, =1.5.2, =0.1.1, =0.1.2 and more Source cves: CVE-2023-23934 Source advisory: OSV:GHSA-PX8H-6QXV-M22Q...

a2grunnerp (>=0.1.0 <=0.1.8), a4t-sale-discount (=5.0.2) +1877 more potentially affected by CVE-2023-25577 via werkzeug (>=0.10.1 <=2.2.2)

werkzeug PYPI version =0.10.1, =0.1.0, =1.0.2, =0.10.3, =0.8.44.4, =4.2.0, =0.4.0, =0.9.2, =0.1.0, =1.5.2, =0.1.1, =0.1.2 and more Source cves: CVE-2023-25577 Source advisory: OSV:GHSA-XG9F-G7G7-2323...

a2grunnerp (>=0.1.0 <=0.1.8), a4t-sale-discount (=5.0.2) +1877 more potentially affected by CVE-2023-25577 via werkzeug (>=0.10.1 <=2.2.2)

werkzeug PYPI version =0.10.1, =0.1.0, =1.0.2, =0.10.3, =0.8.44.4, =4.2.0, =0.4.0, =0.9.2, =0.1.0, =1.5.2, =0.1.1, =0.1.2 and more Source cves: CVE-2023-25577 Source advisory: OSV:PYSEC-2023-58...

a2grunnerp (>=0.1.0 <=0.1.8), a4t-sale-discount (=5.0.2) +1877 more potentially affected by CVE-2023-23934 via werkzeug (>=0.10.1 <=2.2.2)

werkzeug PYPI version =0.10.1, =0.1.0, =1.0.2, =0.10.3, =0.8.44.4, =4.2.0, =0.4.0, =0.9.2, =0.1.0, =1.5.2, =0.1.1, =0.1.2 and more Source cves: CVE-2023-23934 Source advisory: OSV:PYSEC-2023-57...

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

Malicious actors have published more than 451 unique Python packages on the official Python Package Index PyPI repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a...

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

Malicious actors have published more than 451 unique Python packages on the official Python Package Index PyPI repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a...

Malicious code in tkcaelndar (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8c49be3ad2a45b16c6ad5922865a55eb1b6086e4af4f531855090f53be356741 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in tkcalenadr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx b7cf03379278d5958cb3faa876beea8f932ec37224f21479165c81786494fec4 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in beautifulsou (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx da2062b8d076556b32fa8c5c2755a46634ea891182547b05c2652a565021d825 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in beutifulsoup (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f1dfa0882ee26c021dbe459f69acb1c31a8f6141b5df94313b6e806deb2027ee Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in beautifusoup (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 3a6c340d387a9739780a2da49186b1349c0c82073cbe49bf70102e75cb1e55f2 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...