EUVD-2022-31063

Malicious code in bioql PyPI...

MAL-2025-191887 Malicious code in tcloud-python-sdks (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 601415ac1e4afe43331c4b78d99e406f34b4a970a365a366cdc0598c5cb22f9c This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...

Malicious code in ws-api-typescript-websocket-hooks (npm)

The package contains code to exfiltrate local machine information to a remote server over DNS. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6241b41ae78615002b8b7670ca4926a95d9cdc39cdc814b7ed794226bc5f7014 Any computer that has this package installed or running...

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Cybersecurity researchers have discovered a new malicious package on the Python Package Index PyPI repository that impersonates a software development kit SDK for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak. The package, named SentinelOne and now taken...

UBUNTU-CVE-2019-17637

In all versions of Eclipse Web Tools Platform through release 3.18 2020-06, XML and DTD files referring to external entities could be exploited to send the contents of local files to a remote server when edited or validated, even when external entity resolution is disabled in the user preferences...