359 matches found
MAL-2025-192686 Malicious code in runtimeutils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4d312906cc585fcd02b2ac0b52bb04a23b0294532e3625c7f5e27bf1e4b51e4a Importing the module, downloads and starts a malicious executable identified as infostealer. Based on Telegram links, this is related to the 2025-12-synium...
Malicious code in colorfulpacket (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46d838ba056cc96b43fd6a859a9d351ffda2aee0cdcd2b47ea13f3f38b31d038 Importing the module downloads and executes malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-192684 Malicious code in colorfulpacket (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46d838ba056cc96b43fd6a859a9d351ffda2aee0cdcd2b47ea13f3f38b31d038 Importing the module downloads and executes malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in connections-api-hidden-runner (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ae6bedba7c21e763c5a0e27952cf75a13a7705e7681027c87a833417a2035b70 Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2025-192658 Malicious code in connections-api-hidden-runner (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ae6bedba7c21e763c5a0e27952cf75a13a7705e7681027c87a833417a2035b70 Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in hidden-powershell-runner-ax7 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5785c01837ec1727b89125cf1a3fec3ad941c4ff0b1246d8d16fec1dff53223a Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2025-192659 Malicious code in hidden-powershell-runner-ax7 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5785c01837ec1727b89125cf1a3fec3ad941c4ff0b1246d8d16fec1dff53223a Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in yzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 81477965a8a70d1ffef0d388478d3e05ef2eea54ade0a9c00ef923deb41b00cf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-192468 Malicious code in yzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 81477965a8a70d1ffef0d388478d3e05ef2eea54ade0a9c00ef923deb41b00cf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in gxzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8e0dd8700d5267b8d9bbe270798b11d2250761decf1de89249eab6d90a29080c During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-192467 Malicious code in gxzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8e0dd8700d5267b8d9bbe270798b11d2250761decf1de89249eab6d90a29080c During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in kzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7a81e0fa699edbad810083efb9de4e22f5088c31c22fdf71f7e519269dc5ad01 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-192432 Malicious code in kzip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7a81e0fa699edbad810083efb9de4e22f5088c31c22fdf71f7e519269dc5ad01 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-191830 Malicious code in pulsecord (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 025d4e33a2037fb9ad36cb4b08b122e4439bb4932b73ac6c6f403609e7e1c09e This package is prepared for silent execution of a malicious executable, with disabling AV protection. While there is no link to the malicious binary inside, t...
Malicious code in multithreadedexecution (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3248950b032e1381ddc79d43dfdba8fb6dccce4b1afafd5825e560d793b3bd09 Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-191798 Malicious code in multithreadedexecution (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3248950b032e1381ddc79d43dfdba8fb6dccce4b1afafd5825e560d793b3bd09 Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in logguru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...
MAL-2025-191783 Malicious code in logguru (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 64b91d48504c05711a759a1cb2a0bfd63650f47d05d04296bbea6269ed4229b4 Malicious clone of a legitimate "loguru" package. There is added code to download and run an executable. Sandbox analysis reveals attempts to steal browsers da...
MAL-2025-191718 Malicious code in discord-selfsbotsx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b56aa48c0654abd06a9d624b8c1b5ab4ce170399068d97b994bb4d63635bf18a Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in discord-selfsbotsx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b56aa48c0654abd06a9d624b8c1b5ab4ce170399068d97b994bb4d63635bf18a Once run, package downloads and installs an infostealer --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...