8 matches found
Malicious code in qlinforge (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 713a696ce725031aab16903d7a29c80611a4c4368c7e35bacf29069a3581c602 setup.py registers a custom install command that, on Linux, downloads an opaque binary from http://115.190.124.243:9090/payloadlinuxamd64 to...
MAL-2026-2669 Malicious code in ant-mcp-proxy-for-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 51df3beb4457da4a841727c91a2517ba5727c841c08f9d43cf2b25be9e476564 During use of the package, it silently downloads and executes remote executables or scripts. During analysis, the remote resources were no longer available. Th...
Malicious code in pyregions-snowflake (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c3a6759d779c0fe3ffac5559aa5f8915f72cab6bce545e1fe261f3caab47a65 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments - in older packages - attempts to...
MAL-2026-2109 Malicious code in pyregions-snowflake (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c3a6759d779c0fe3ffac5559aa5f8915f72cab6bce545e1fe261f3caab47a65 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments - in older packages - attempts to...
MAL-2026-1224 Malicious code in spark-ml-utilities (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3c1db0bd2243007553e09eff3018d49b00dbdf3a5183d364225d32f80f7b773f During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments. In some packages in the campaign,...
Malicious code in risk-utilities (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 22f9a9b921e53b4755c41241969fcc8b410b09f29a63ed9c23c5a19c966b4946 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments. In some packages in the campaign,...
MAL-2026-1223 Malicious code in risk-utilities (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 22f9a9b921e53b4755c41241969fcc8b410b09f29a63ed9c23c5a19c966b4946 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments. In some packages in the campaign,...
Malicious code in urllib-slim (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 acbcedbcc1d5bafffbb66128eae99b1fdc6c8e62b65bedd8f62ee2790919d972 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments. In some packages in the campaign,...