Malicious code in databasetapes (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d859d21aa59dfad2efc5c2f98253cd1cc808621fb3b7525037c104324e27dfe8 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2494 Malicious code in databasetapes (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d859d21aa59dfad2efc5c2f98253cd1cc808621fb3b7525037c104324e27dfe8 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in databaserobooms (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 193ce4e29885d967183910228ce00d02b4380d25ff1a9b342b1fb5b4c124e3ca During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2489 Malicious code in databaserobooms (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 193ce4e29885d967183910228ce00d02b4380d25ff1a9b342b1fb5b4c124e3ca During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in databaserotacos (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 04d640be20e9d2ff55f7682d535f6fd56b67b50008307c2e41986d6b31d4bfa4 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2490 Malicious code in databaserotacos (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 04d640be20e9d2ff55f7682d535f6fd56b67b50008307c2e41986d6b31d4bfa4 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in pycolorlib3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 22c84d1bcfac7d68fb2db1c9610d281372db5e2ef93edb1a90903c6a6b772e6c During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2433 Malicious code in pycolorlib3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 22c84d1bcfac7d68fb2db1c9610d281372db5e2ef93edb1a90903c6a6b772e6c During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in k8s-node-health (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9358111fecbdb3180b8f4c0c6543abff3024c59deaf488cf3a34089820e96172 During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

MAL-2026-2430 Malicious code in k8s-node-health (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9358111fecbdb3180b8f4c0c6543abff3024c59deaf488cf3a34089820e96172 During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

Malicious code in kube-node-health (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 391555cff14c82156843bee267daf896c3e3e989b9c899ef34b12ac7e23b1c7e During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

MAL-2026-2327 Malicious code in kube-health-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4d36d5ed9b1bc15c12e89f48c1228a4f6e3aebe558a67d535655e280b25b4440 During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...

Malicious code in workingitme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 77ec565b572be137d67ece8342d916cb970b501ee390e7250878e27277685fe9 During installation, if run under a specific username, the package downloads and installs two executables identified as backdoors trojans. --- Category:...

MAL-2026-2308 Malicious code in workingitme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 77ec565b572be137d67ece8342d916cb970b501ee390e7250878e27277685fe9 During installation, if run under a specific username, the package downloads and installs two executables identified as backdoors trojans. --- Category:...

Malicious code in zzzzthisisitwantsafecheckitzzzz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fbef17827bf88f06c2278d700e386c98e2f1360fd533ba1415c9060ff56a037f During installation, if run under a specific username, the package downloads and installs two executables identified as backdoors trojans. --- Category:...

MAL-2026-2309 Malicious code in zzzzthisisitwantsafecheckitzzzz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fbef17827bf88f06c2278d700e386c98e2f1360fd533ba1415c9060ff56a037f During installation, if run under a specific username, the package downloads and installs two executables identified as backdoors trojans. --- Category:...

Malicious code in databaseroboats (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 758a06f15ef5917ecf964bae5fa46f084b028b69c8dd133acb90da972f6a6f09 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2305 Malicious code in databaseroboats (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 758a06f15ef5917ecf964bae5fa46f084b028b69c8dd133acb90da972f6a6f09 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in databaseroboat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3c3d5d00b97ea534e5873e4b0aecaa2895fcc25dfca987d487dcc2510cf14f3a During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2295 Malicious code in databaseroboat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3c3d5d00b97ea534e5873e4b0aecaa2895fcc25dfca987d487dcc2510cf14f3a During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...