267 matches found
MAL-2026-2172 Malicious code in v2-8-3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b90faec9a57b74163b9282007ed27f9602abf0d5307115928eb4ca75d98f8c72 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in sonic-platform-common (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b7ad70e46087b1ffe41c3d0670c24c58b38e72344c958458af49a25541778b4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in lm-sys (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 69240e51e47ad6f05a6d2e98047b80c3beb9f2e05d1449b50606c812b9eb1c1e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in mattermost-airflow (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 667be9d0c5eaea7acdf1c2593165304280ef7b67bfbf4d8c0f36065836fe834c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in privaton-beacon-img-8f3603448690bdde-png (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron be565465ab48d5cf9d07625d2414c21814f63826ea9325c35dca838e40aa24e9 This package is an install-time-executable sdist that uses setup.py paired with an opaque data.bin payload and a beacon name...
MAL-2026-2029 Malicious code in pipinpeace-reverse (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 471ba9f8dde66035e8bff446fc8acb160f041648a1fc47dd3f00db6e2ea58d08 Package is designed to start a reverse shell during installation. However, it requires providing a URL as an installation parameter, which suggests it's more...
Malicious code in efghr-honeybee-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e77e2d0088390e5dc421f70a65ade331bfbf554afcc9cc42362098d0ed130692 During installation, package attempts to modify LLM configuration files to provide a backdoor instruction for further control over an AI agent. --- Category:...
Malicious code in init2winit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7eb9b716534151a8d16432102f52af1e6f61f9701b86efba4294cdc0e18ceaea Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in airio (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d6edae69303a2c992df68a1743104255c7de6aa8beba5f7b37eb9b91707789d9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in cloud-datasets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7cbbef34e9c8a9e6db79ffb59dde86dafe9734166f201aae8a5d1837ac262fc0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2026-29521 Hereta ETH-IMC408M CSRF via Configuration Setup
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...
Malicious code in bpsm (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5dfe0d38862649d74eb0c306f047d854004293223eae7cfa7f4fc82c9370bd96 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in simple-text-parser (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 028015ffba2e58b87cbc6405ccb9358c194b81fafea44e7359587509510d4027 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in demozecob (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f6e22f0d73fc85bdf6e0948da43079380af2a809146077afae2fd451315397e0 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in demozecosso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ca3839025ccad67334436cff10b99fc2c407515ed2d9a4e146d11b253b356c8a Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in chat-xdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e1f6d17089af4d8a0d8ab4b5ab9398a250b54d8d605c178080a7f275a6ab4687 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1277 Malicious code in prateek-yadav23 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e73aa57c13235ec4d3bcf7aa6139bb5a1bdbade9d72ae81a20c291766b9ac7ab Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
MAL-2026-1275 Malicious code in hostlists-plugins-default (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 21b72625bb74661ae95d3317fe4384105bb6dd6d026b049f84a192aeeeeae9df Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1086 Malicious code in tchap-bot (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ca239020bc35efc249b5f387dc3ae473132184319b88a498ba3f7ddd9dd6dfe3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1082 Malicious code in cdf-clients (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b42b01e54e7410b51742faa0cb35fe74a73333f619cd8634b5491d3b32418732 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...