184 matches found
MAL-2026-2006 Malicious code in mangrove-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d6714958f20775c2347e9c8b606d1de2e28ed29fe4b1a82261ca4fb966fc20fa During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...
MAL-2026-1989 Malicious code in init2winit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7eb9b716534151a8d16432102f52af1e6f61f9701b86efba4294cdc0e18ceaea Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1991 Malicious code in nsscache (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f799f92bcb0f24e47655a4a38d97a8981bad8f31f28f7d82a5378ae8aa0f1c74 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in mcp-transport-proto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a40306e4035df29c739d5073ccb341685275d5cebba588b7014898229752e11f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Sercomm SCE4255W 安全漏洞
Sercomm SCE4255W is a broadband gateway device produced by Sercomm in Taiwan, China. Previous versions of Sercomm SCE4255W DG3934v3@2308041842 had security vulnerabilities. These vulnerabilities stemmed from path traversal vulnerabilities in the /ftl/web/setup.cgi file, which could allow...
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python projects — including Django apps, ML research code, Streamlit dashboards, and PyPI packages — by...
MAL-2026-1286 Malicious code in demozecosse (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1fd7840785d53d90edc61c6138072f4ed7a01b35dd05d76d9d6f5343ec93bff7 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in demozecox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b32c6e6d2566a58b9a104d162c060982bff488fa547fb706c43553d0b7185ccb Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2026-1284 Malicious code in demozecosso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ca3839025ccad67334436cff10b99fc2c407515ed2d9a4e146d11b253b356c8a Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2026-1144 Malicious code in roku-aihub (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 19b48d460fde1b6b9802a2f2b7d93928f89b0474235adc54553971ed4575e5df Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in spark-audit-notify (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1c527925d1e7cb4055b6c154326cd54a713ad543349c2b3b6f8ab8f0d75e8cbe During installation, host identification details including AD domain are exfiltrated through a series of functions obfuscating this behavior. --- Category:...
MAL-2026-982 Malicious code in trunket-dev-driver (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9ed872a63bcf6182fad3d7b6cfbe87019ff531f1ecff3a511b10371479c79810 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2026-2905
A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploi...
MAL-2026-977 Malicious code in airbnb-identity (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40e5d276e9f30fb5f1071927366f0f13024da90b79fdfb1967cc5bd6d2330342 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in crc32fast (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3b89c674974bf58c7388a27bf1c6ea954a890de45a3e9ba4830c1eada3a3ea6a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in acpi-tables (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7388183e13e400f894ed9f6f93e05049f6f4719b1610d7c26a8b52bf88901266 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in testppe-pkg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 49f139a3af58a80c706b3bc4b6c38676411528f34be00c79351705767f39eaa4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-803 Malicious code in moveworks-pipeline-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bf307b5f3cf29ebae108dfd8b8767c38bc26da4a5bb4ca3f82ed63e137921531 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-759 Malicious code in pipelinepoision-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 30985e20ed386fc211690f5618db078ae8c782039fcc36d1109955b74c3251ff Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in cicd-ppe-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c9f1bfe5b5514b9b3a1ffad43be1f06d22faf12f031d325a9e689340c2ab16a0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...