15 matches found
MAL-2026-4837 Malicious code in my-test-package-2025-xyz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a2f3ab0a3c7ef9009c99575d9dd051c4a97575435cabf5d3a4c223f53bc47b89 During installation, the package opens a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in quicktestybesty (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 459aa54bf8ac82101b14d4f85d01dde304aa638276b69a76254ff080ea52d5af During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in pycolorlib001 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d13044c47d5f0b928df9bb3c300bbb520cef7df9cc929b859e7f2edd67d8221f During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in api-feature (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c86a3079da8157aef32d5d4c4f2420239981a142fc1150eb0ac2e695be2779e9 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in databaselooks (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dd73d73ace43286d9d97ccebb1f758b52cfd114774b862c5b568a7d1151d0112 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-2283 Malicious code in interwebz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 02fa95914b7edc63771b97f48f4e05119f87309224b5e9b5aa990ab6dda8acc2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in mangrove-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d6714958f20775c2347e9c8b606d1de2e28ed29fe4b1a82261ca4fb966fc20fa During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...
Malicious code in pipelinepoision-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 30985e20ed386fc211690f5618db078ae8c782039fcc36d1109955b74c3251ff Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in brolool4141412 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 26b5ad1d170ede931c108f8a9d4342347b2983ae9fc5330b25ddb1dcc4132eb7 Package tests possible malicious actions during installation by starting notepad. There is no other functionality, it's clearly a test of possible malicious...
Malicious code in pytelegramapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d50aff9e36f41642610a858c0117318ed7483aad0e4f517a1485ca2d66574c2a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in appsec-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c03052298655ba853abe857c8ebbdf21fbb59942800dd2e86aeffbd8ed2751bc Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in hello-world-installer-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 aef5897e3e41898c7d14d6acf00254f63adbd159b1a9cc9adba26603edee668c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in adafruit-display-text (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e23c09627673ad313852ef48f846b3ddd5a27a8eb53f0be5ce034a88f45c1a93 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in companyx-metaflow (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ec7089679a9c5637609b94cb606e78aa693a8bd224ba334ca46b3f48c54169c1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2024-12340 Malicious code in route-search (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2c63ae8357166fc3afca468347faccce408b6ad59df7d33f958dc0b4f593b598 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...