20 matches found
Malicious code in justinleaguekems (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 039b35e6547b64dd3e28ba9e178b9716447f88d6bd9558766c9ffe8850262d99 Package exfiltrates screenshots and network information to a hardcoded target. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-3380 Malicious code in justinleaguekems (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 039b35e6547b64dd3e28ba9e178b9716447f88d6bd9558766c9ffe8850262d99 Package exfiltrates screenshots and network information to a hardcoded target. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in yeahmankema (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e82095096c026f9ea1f8a44e7b94b0f9def1346ef887a8a6bb4e11aedc5abd63 Package exfiltrates screenshots and network information to a hardcoded target. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-3367 Malicious code in crayrandomiz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 70d147758fe5288bee2adc712e45b7836211b83ce0b209fd42a31e4b3696bbf2 Package exfiltrates screenshots and network information to a hardcoded target. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in quicklytookerv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eeb02e3ddf9f61661d72bac1e244227aa8b6a8a88ab1226a521cc7aa48d5da37 The package silently exfiltrates screenshots and basic data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2026-3364 Malicious code in quicklytookerv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eeb02e3ddf9f61661d72bac1e244227aa8b6a8a88ab1226a521cc7aa48d5da37 The package silently exfiltrates screenshots and basic data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
Malicious code in randomchoicemas (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0dc4c38310ad4ec9a939abd09fa48fce4f2f2e91e02389d59f3fefc30eda4c2c The package silently exfiltrates screenshots and basic data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2026-3230 Malicious code in currenttimerpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ccd5c81889e68b6ae8a0e8ef90b7c3a4dc447b08872ad6ac48ce94804985379d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-3205 Malicious code in doisomgcxog (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 78d6a043bbe150c65e0a3e7e56c69f1ff32171b70a684d512c87a2bfe0baf0b5 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
Malicious code in timestamp-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d48be8ff856b19622d8bc8417db82b8752c41fb88aec5cd89d04bbee1bc729ef During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-3136 Malicious code in timestamp-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d48be8ff856b19622d8bc8417db82b8752c41fb88aec5cd89d04bbee1bc729ef During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...
MAL-2026-2844 Malicious code in shelipp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c745f1c7897e6075520af7c8d838b496c8af8814810ba86dafd64d09b3d24b97 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
MAL-2026-2842 Malicious code in looopiw (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d2af7de30ed37363dcd3ac8e41e0ff2987d97ec742dd973a2f95158c6f0f185 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
Malicious code in sher-net (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
MAL-2026-2839 Malicious code in sher-net (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
MAL-2026-2431 Malicious code in nwin32tls (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a47778618cad57dbc584afdff7ed138032b69c423a9812e1bc8f86c13129f01d Importing the module starts a loop that listens to key strokes and on every capslock press exfiltrates screenshot to a hardcoded location. --- Category:...
Malicious code in coredxloader (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b26408ee7735357c61e0a81e60620000999ef84eba419797b20858e5ce5b4a62 During importing, code starts a malicious script performing exfiltration of sensitive data and credentials from e.g. browsers and Discord clients to a remote...
MAL-2026-2140 Malicious code in coreloader (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f5d7c219be7c779fe573e80949a521df2a096e7358be92f99cee6a50dd252e09 During importing, code starts a malicious script performing exfiltration of sensitive data and credentials from e.g. browsers and Discord clients to a remote...
Malicious code in myproject-bola (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f85bf2df7a8a311b7140ca4086746ecf3c26b219843b96c1f9f8c22f505e7edc Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to...
Malicious code in isb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 93750cbddba7897fde1d31836971e11082ad2076012c7caf708980de45827840 Starting the module initiates an infostealer with a Telegram bot and RAT-like functionality and hardcoded credentials. The code automatically adds itself to...