359 matches found
Malicious code in tensorflowlitex (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4b20463291f0bcc715ff6daffb6b2cc258096921b2aaf2a0b9bf96947b49b46 Importing the module init.py starts downloading and executing a remote exectuable, which has been identified by any.run and tria.ge as a malicious infostealer...
MAL-2025-191890 Malicious code in tensorflowlitex (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c4b20463291f0bcc715ff6daffb6b2cc258096921b2aaf2a0b9bf96947b49b46 Importing the module init.py starts downloading and executing a remote exectuable, which has been identified by any.run and tria.ge as a malicious infostealer...
Malicious code in singtok (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 20dad294eb5c742d0044f1dde01f51646f0b34a86a7cb86c84547981276f46ce Importing the module starts Obfuscated code that downloads a well-recognized malware. In the further variations, the code that download and starts the maliciou...
MAL-2025-191869 Malicious code in sintok (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ac54e69b2c1c8f39c9a938ce34d0f0382a0185aa821e4d8e6eaeaac1c456ecb Importing the module starts Obfuscated code that downloads a well-recognized malware. In the further variations, the code that download and starts the maliciou...
MAL-2025-191868 Malicious code in singtok (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 20dad294eb5c742d0044f1dde01f51646f0b34a86a7cb86c84547981276f46ce Importing the module starts Obfuscated code that downloads a well-recognized malware. In the further variations, the code that download and starts the maliciou...
MAL-2025-191899 Malicious code in tiksing (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ef883e1ad19e5cbeafdda023c535abc9a14f84f81dce26e06d9f10bf77013ab5 Importing the module starts Obfuscated code that downloads a well-recognized malware. In the further variations, the code that download and starts the maliciou...
Malicious code in network-utils-simple (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1fd943d3243197ac153b2623548e62b4225a59f611cf13fe962bc3ced369a32d During installation, there is an attempt to download and execute code. The package has no real functionality. --- Category: MALICIOUS - The campaign has clearl...
Malicious code in requesr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b792f17b467610a1021820a7718884aa436487a9ec75d5ebf889d400efeaec24 Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...
MAL-2024-12338 Malicious code in requesr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b792f17b467610a1021820a7718884aa436487a9ec75d5ebf889d400efeaec24 Importing the module downloads and starts an infostealer attempting to exfiltrate data and establishing persistence through autorun directory. --- Category:...
Malicious code in my-main-manager (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ac004ff76ebc011d60ae86c56b7f57ddb6ac0d24ff0ddd9ad777319775f79282 While the package appears to be a manager for Windows service, the linked executable is an infostealer with capabilities like cookie stealing ang keylogger. Th...
MAL-2024-12308 Malicious code in my-main-manager (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ac004ff76ebc011d60ae86c56b7f57ddb6ac0d24ff0ddd9ad777319775f79282 While the package appears to be a manager for Windows service, the linked executable is an infostealer with capabilities like cookie stealing ang keylogger. Th...
MAL-2024-12309 Malicious code in my-service-manager (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 58c8e4c726cef11c6d7d60916210f532060a6ff7a98bb7fea5872eb10335dd5d While the package appears to be a manager for Windows service, the linked executable is an infostealer with capabilities like cookie stealing ang keylogger. Th...
Malicious code in catme (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7b5df44af9cbed7b8a7112f36f9c99b466e9143b36d62fd43e4caf480df811d0 Importing the module starts executing a remote script, as well as leaves a persitance in the .bashrc --- Category: MALICIOUS - The campaign has clearly malicio...
Malicious code in backwwii (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cf5e7427061483e779c53f125b5792b2e650261bcdca0a9f4d90e9ca883c04d0 When importing the module, the obfuscated code downloads and runs a remote executable --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2024-12212 Malicious code in backwwii (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cf5e7427061483e779c53f125b5792b2e650261bcdca0a9f4d90e9ca883c04d0 When importing the module, the obfuscated code downloads and runs a remote executable --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in colourfulls (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 735ca3ff38b76e7b11c1f7b884880871427299042e250bb42e17dcf66b8c8e11 Once imported, the module attempts to download an executable, put into Discord directory and most probably trick discord to start it. The download link does no...
MAL-2024-12246 Malicious code in colourfulls (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 735ca3ff38b76e7b11c1f7b884880871427299042e250bb42e17dcf66b8c8e11 Once imported, the module attempts to download an executable, put into Discord directory and most probably trick discord to start it. The download link does no...
MAL-2024-12332 Malicious code in pymatcha (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 779c6dd8d3b44cbb116c534cbd88dd2a73e5ee6f946e7e37c66f7eba13dedefd Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...
Malicious code in cblines (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 80531e39cd96b75b32c7549840f7bc6984377765d9f9f663c0b560332b4e1b84 Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...
Malicious code in pymatcha (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 779c6dd8d3b44cbb116c534cbd88dd2a73e5ee6f946e7e37c66f7eba13dedefd Importing a module starts downloading and executing an infostealer, widely identified by AV/sandboxes. --- Category: MALICIOUS - The campaign has clearly...