Lucene search
K

375 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago6 views

Malicious code in playwrightr (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e165b925f82629524e611c81597c32a171df7cec246dc73f268d8192ccbe2c5 setup.py registers a CustomInstallCommand that runs automatically on pip install under Windows. It uses WinHTTP via ctypes to fetch a binary from...

6.1AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago8 views

Malicious code in pyqt6darktheme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8cd6d16792d681b160ae1e11b3f698d8fd3004cd6019704008ad1c649fbe6f67 Package downloads and runs a remote executable, which was found to downloads further exes and starting coine mining --- Category: MALICIOUS - The campaign has...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/04 6:5 p.m.8 views

Malicious code in httpprobe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb46b890b54f51f3a98c1935dbd50e143430757c5daf4080039d32865b04c1d5 The package advertises itself as an 'HTTP probing tool for security researchers' but contains no HTTP-probing functionality. Its only behavior is to...

6.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/03 11:50 p.m.9 views

Malicious code in bytekit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bbaea22b635a4a8425964572b733b806f45714a9090492d1c39d545088fe336 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/03 11:47 p.m.6 views

Malicious code in schemavault (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ae0aa9efa2a8389cfe9d5c41d5ab3689f4965c945a24613493f94f9de033ab1 schemavault 4.1.0 is presented as a schema-validation library but ships capabilities and data that have no relationship to schema validation...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/03 11:38 p.m.10 views

Malicious code in procwire (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42f7077b3fb95ad31689f096805811e51afe78e7f21c2123d5dcc25343a11ff2 setup.py auto-executes on pip install only guarded by an internal PWDIST env var check and, on Windows, reconstructs an attacker C2 URL and XOR key a...

6.2AI score
Exploits0References6
OSV
OSV
added 2026/07/03 10:45 p.m.7 views

MAL-2026-6749 Malicious code in ipa-user-collector (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2df148f70b40274f48d5bc4d8ea5a97bb434a743cf7a5c1b271a5a5cd7fa3907 During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/03 10:45 p.m.10 views

Malicious code in ipa-user-collector (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5719ec23d0195e518782dbc26a8a05b54fd827d1ec18d41619d163f7175eaa28 The package ships an empty runtime module src/ipausercollector/init.py contains only version but overrides setup.py cmdclass for install, develop, an...

6.5AI score
Exploits0References3
OSV
OSV
added 2026/07/03 10:43 p.m.12 views

MAL-2026-6748 Malicious code in haproxy-config-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f70d07844bca4fadfcedb195f5768c8a95318af4d62a4bcec94556b99b72c4ad During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/03 10:43 p.m.12 views

Malicious code in haproxy-config-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f86ffde45262c5d45a24458a85116ab5ca80451ce3d3159f9d7cad6599ad145 setup.py registers install, develop, and egginfo command hooks that run a routine which XOR-0x5A-decodes a list of attacker-controlled Cloudflare...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 9:23 a.m.8 views

Malicious code in sqligen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de59ac5884f286d69e42a71ba0cb7b99aa06d2b1f0e28a279a84d3db86eb3196 setup.py contains an obfuscated install-time dropper that fires on Windows. Two functions with diagnostic-sounding names 'GetDefaultSystemPolicy' /...

6.5AI score
Exploits0References13
OSV
OSV
added 2026/06/26 9:23 a.m.5 views

MAL-2026-6515 Malicious code in sqligen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de59ac5884f286d69e42a71ba0cb7b99aa06d2b1f0e28a279a84d3db86eb3196 setup.py contains an obfuscated install-time dropper that fires on Windows. Two functions with diagnostic-sounding names 'GetDefaultSystemPolicy' /...

6.5AI score
Exploits0References7
OSV
OSV
added 2026/06/19 11:38 a.m.20 views

MAL-2026-6208 Malicious code in fastercoding (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c302e448868fcff3110a45d20b53d9d887cfb5aa31bb66df90702f2767246b4 The package exposes a single public function run re-exported from init.py which, on Windows, downloads BackgroundSyncService.exe from...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 11:38 a.m.11 views

Malicious code in fastercoding (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c302e448868fcff3110a45d20b53d9d887cfb5aa31bb66df90702f2767246b4 The package exposes a single public function run re-exported from init.py which, on Windows, downloads BackgroundSyncService.exe from...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/19 10:38 a.m.11 views

MAL-2026-6206 Malicious code in fastercode (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14de4534d4cf2290f5f54bc5929fa799b73dff2e6a03aa879ade141dfc6ea054 The package advertises itself as a Python performance helper "Make your Python code run faster" and exposes a single public function run. On Windows,...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 8:52 p.m.8 views

Malicious code in boardflow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a7f48df7609edb5bab9d9e572f093994d071165578a58032a69392d62b08b86 On pip install boardflow, setup.py spawns a background thread that fetches http://pooron.org/test.exe over plain HTTP into the OS temp directory and...

6.6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 9:48 a.m.15 views

Malicious code in temp-development-package-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14f3eeecfabfcb249c5f6ec2a20824355ac313ab18c677334076ca9501607ec8 At install time, setup.py invokes installsitecustomize, which copies src/tempdevelopmentpackagetest/setup/sitecustomize.py into Python's purelib...

6.1AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 8:58 a.m.17 views

Malicious code in myfirstpackagetestaaa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c05b4934471efac919453e87b37a94a9a92c930455283c0bfb85b535c61f4a6b During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5AI score
Exploits0References5
OSV
OSV
added 2026/06/16 8:58 a.m.7 views

MAL-2026-5875 Malicious code in myfirstpackagetestaaa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c05b4934471efac919453e87b37a94a9a92c930455283c0bfb85b535c61f4a6b During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5AI score
Exploits0References5
OSV
OSV
added 2026/06/16 8:47 a.m.7 views

MAL-2026-5874 Malicious code in aaaazzzzaz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c1698c50a4706300296a442bbb0ae57280e870d8c83575d68218143e4ffd6645 During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5AI score
Exploits0References5
Rows per page
Query Builder