356 matches found
MAL-2026-35 Malicious code in aiihttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e98bbfaaccc91213e80bb0a09f5081a5701cf01629ac8b82370adbbbc42178b0 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in aoohttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d3438b2d065c0535b5ac80ce789201be4f8095642d0f10a20a7da13d46152f8 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
MAL-2026-37 Malicious code in aoohttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d3438b2d065c0535b5ac80ce789201be4f8095642d0f10a20a7da13d46152f8 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in auohttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f4b76a407d91e23cb990d6ed08e3c0e81898f2b97d690db76b4e3b547fda5fab Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
MAL-2026-38 Malicious code in auohttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f4b76a407d91e23cb990d6ed08e3c0e81898f2b97d690db76b4e3b547fda5fab Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in aiohtto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9338a4f3f167cf0ba279696ac9ae9bae26219391e2a87a805cc8bb92b4cddd6e Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
MAL-2026-36 Malicious code in aiohtto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9338a4f3f167cf0ba279696ac9ae9bae26219391e2a87a805cc8bb92b4cddd6e Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in qdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4ee574ced05e27b63477cb84af816e02ae259c67246f4f31ff63819e7e1048e Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
MAL-2026-27 Malicious code in qdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4ee574ced05e27b63477cb84af816e02ae259c67246f4f31ff63819e7e1048e Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
MAL-2026-26 Malicious code in pdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 671a0098c14338197a26cb64b7f5c35c0e741f3151313fff784bc7a4862ad579 Package is designed to download and execute a remote script, but the script itself seems to be broken missing or wrong URLs. It's most probably a test before...
MAL-2026-6 Malicious code in ziphash (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e9a36a54bad10e0f086740a84fd0a837dd4bf1cc9c3c0707648af4bb3855a03e During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in cryptozip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 157ea6b1f1c3d4ed5564c494db770e9156f3e269f12cefec6e4270085a762f26 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in extrazip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f58777710463b043a0724ad1d7999807501b56667a10eced314fd036e9303fdf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
MAL-2025-192948 Malicious code in extrazip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f58777710463b043a0724ad1d7999807501b56667a10eced314fd036e9303fdf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
Malicious code in envtoolsx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8718f9207ffeca355720b0d4a59cc778fabe7879fc354837d655affac6a82321 Importing the module, downloads and starts a malicious executable identified as infostealer. Based on Telegram links, this is related to the 2025-12-synium...
MAL-2025-192929 Malicious code in envtoolsx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8718f9207ffeca355720b0d4a59cc778fabe7879fc354837d655affac6a82321 Importing the module, downloads and starts a malicious executable identified as infostealer. Based on Telegram links, this is related to the 2025-12-synium...
Malicious code in unizip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 36d788bf5be2a646474da2cb929d2b24c328cd5bbd997697780a15da181d1053 During initialization of the archive-support class, the package download and executes remote malicious code --- Category: MALICIOUS - The campaign has clearly...
MAL-2025-192686 Malicious code in runtimeutils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4d312906cc585fcd02b2ac0b52bb04a23b0294532e3625c7f5e27bf1e4b51e4a Importing the module, downloads and starts a malicious executable identified as infostealer. Based on Telegram links, this is related to the 2025-12-synium...
Malicious code in colorfulpacket (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46d838ba056cc96b43fd6a859a9d351ffda2aee0cdcd2b47ea13f3f38b31d038 Importing the module downloads and executes malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-192684 Malicious code in colorfulpacket (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 46d838ba056cc96b43fd6a859a9d351ffda2aee0cdcd2b47ea13f3f38b31d038 Importing the module downloads and executes malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...