SUSE-SU-2026:20443-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: - CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API bsc1254867. - CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain bsc1254866...

ClickFix added nslookup commands to its arsenal for downloading RATs

ClickFix malware campaigns are all about tricking the victim into infecting their own machine. Apparently, the criminals behind these campaigns have figured out that mshta and Powershell commands are increasingly being blocked by security software, so they have developed a new method using...

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this upda...

Malicious code in aliyun-python-sdk-v2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 29bd2455a576643c51939bd166abab847afd04c3142b576e3f9f0c7978763181 Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

Malicious code in alibabacloude (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c45df7f85cfaba4bf141f0a17ba2d0987e080131bab1f1233798a1287d63fa7f Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...

MAL-2026-915 Malicious code in alibabacloud-code-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5e4d81a71d0710ac3618ec41e8027ee6a96ae9845ca67b33b950c8d99d8d2e8a This package impersonates Alibaba Cloud account and contains highly obfuscated code. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Moderate: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

Important: Red Hat Security Advisory: python3.12-wheel security update

An update for python3.12-wheel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

SUSE-SU-2026:20374-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. - CVE-2025-13836: prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length bsc1254400...

scan-exploit

pyt...

MAL-2026-913 Malicious code in groq-ppe-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 517d20a09a1e53ce02484aa25ab2483ef75022e96f76d72fe3125bc1e16a359d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-912 Malicious code in http-request-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 13b29a753802db633ab987963543535999a246049761d4d29699b66edf207f13 During import, package masquerade and starts an embedded executable. The executable has signs of infostealer activity --- Category: MALICIOUS - The campaign ha...

MAL-2026-911 Malicious code in malpkgv2-0 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 1f614e8ee6cce92be8b98394967c253336c0145808962bfda5032f085ece4eef This package executes arbitrary commands, steals sensitive data, exfiltrates credentials, and uses obfuscation techniques...

nfstream 6.6.0

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...

RHEL 8 : python-urllib3 (RHSA-2026:2728)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:2728 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

RHEL 8 : python-urllib3 (RHSA-2026:2723)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:2723 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...