EUVD-2026-37738

picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack

The ransomware group known as Qilin aka Agenda, Gold Feather, and Water Galura has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June. The development comes as the...

EUVD-2022-31063

Malicious code in bioql PyPI...

MAL-2025-191887 Malicious code in tcloud-python-sdks (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 601415ac1e4afe43331c4b78d99e406f34b4a970a365a366cdc0598c5cb22f9c This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...

Malicious code in ws-api-typescript-websocket-hooks (npm)

The package contains code to exfiltrate local machine information to a remote server over DNS. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6241b41ae78615002b8b7670ca4926a95d9cdc39cdc814b7ed794226bc5f7014 Any computer that has this package installed or running...

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Cybersecurity researchers have discovered a new malicious package on the Python Package Index PyPI repository that impersonates a software development kit SDK for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak. The package, named SentinelOne and now taken...

UBUNTU-CVE-2019-17637

In all versions of Eclipse Web Tools Platform through release 3.18 2020-06, XML and DTD files referring to external entities could be exploited to send the contents of local files to a remote server when edited or validated, even when external entity resolution is disabled in the user preferences...