MAL-2026-5167 Malicious code in jules-test-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 30c3ca1fa1b7237661d28aada477f7316b7e696a55e2c92c4dee200f291140f4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in my-test-package-2025-xyz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a2f3ab0a3c7ef9009c99575d9dd051c4a97575435cabf5d3a4c223f53bc47b89 During installation, the package opens a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Malicious code in mistral-workflows (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 845e7d9c00baa23350d566fee80621733db4faa141eea3f1f983d86b15fb020a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in mistral-evals (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f79806b5d197ed3b6beeedfb7092ad6da36d1d186ad57dc12be0b030c63726c9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in alembic-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e9b764ee0ccd6a2c6c2db1b7722f083ee9f643cb99d03821d5e6571f68db253 During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

GHSA-7MW3-79JQ-XC7F aiograpi has dependency on vulnerable orjson 3.11.4 (CVE-2025-67221)

Impact aiograpi 0.6.6 / 0.7.0 / 0.7.1 declared orjson==3.11.6 and later ==3.11.8 in requirements.txt but setup.py carried a hard-coded duplicate requirements = ... list that was never updated and still pinned orjson==3.11.4. When setuptools builds the source distribution it reads the metadata fro...

Malicious code in apexomni-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 497dca02206d8084e5a7e135245489a5ef9dd03f318b138574bc43386ddac0ef During installation, multiple sensitive environment variables are being exfiltrated. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

MAL-2026-3192 Malicious code in ro-db (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2bd23f786275f7f9939deab001c8b06daaba21ad7dcb861fd6bb9cdd2e3d830c During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-3138 Malicious code in robase-apis (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 953430b69a70b8a69dd00f87a8cf96f9b60eaf4dfdd70fd129ba5d2502612555 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-3087 Malicious code in bytedark (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b1b29d53129e34fa2f09eacd9218f1bf87711e4a88587ee9c5f4453cfb6974ac Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-3091 Malicious code in bytedfaas (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ec7e2decd402442fba2d4ebd7637b596a33ef132120ffe4f3a8b5d2d6ce8475e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in bytedpgsql (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 645f636a2360d86d320bbf691de6457d8df8a7e066fa3fce10b8a85f8576a7a2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-3042 Malicious code in pycolorlib001 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d13044c47d5f0b928df9bb3c300bbb520cef7df9cc929b859e7f2edd67d8221f During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2965 Malicious code in build-metadata-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be01b550f3d8914aa6bd8659c9a410054e4e0bf9203d33e93478eb444e957b55 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2557 Malicious code in databasesupasafe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 462606bd9f9e3129dcfdd3d667ea6d87e8f58f32ee61727dc133ecb9465d9e37 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2544 Malicious code in roboat-utilities (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 615237831a485ffde23ee69088df25f4ef45d00e99aab6fff27b7ee28f781890 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

Malicious code in robase (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f128f86ab257491fc121f6b5d630cf37776085c139f199ec930ec16a31691855 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

MAL-2026-2540 Malicious code in gd-auth (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 baa9851d66a8d40c23baf029f186e4f8f5366381dadb2d3ecc8cb9420e5e3997 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in genesis-1p-tools-rpm-bundle (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d7a13386739eb38301be183f8fafa0281beef0adc59037619ca870c2b075cd58 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-2501 Malicious code in databaselooks (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dd73d73ace43286d9d97ccebb1f758b52cfd114774b862c5b568a7d1151d0112 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...