363 matches found
Malicious code in shelipp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c745f1c7897e6075520af7c8d838b496c8af8814810ba86dafd64d09b3d24b97 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
MAL-2026-2844 Malicious code in shelipp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c745f1c7897e6075520af7c8d838b496c8af8814810ba86dafd64d09b3d24b97 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
MAL-2026-2842 Malicious code in looopiw (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d2af7de30ed37363dcd3ac8e41e0ff2987d97ec742dd973a2f95158c6f0f185 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
Malicious code in looopiw (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d2af7de30ed37363dcd3ac8e41e0ff2987d97ec742dd973a2f95158c6f0f185 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
MAL-2026-2840 Malicious code in sher-server-tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e83ee8187475c07ed6ea406a698e3f9d3c55efec8e689ba0c110a6ee2ce1012b Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
Malicious code in sher-server-tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e83ee8187475c07ed6ea406a698e3f9d3c55efec8e689ba0c110a6ee2ce1012b Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
Malicious code in sher-net (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
MAL-2026-2839 Malicious code in sher-net (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...
EUVD-2026-17385
OpenClaw before 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes Telegram bot tokens in error messages. When media downloads fail, the original Telegram file URLs containing bot tokens are embedded in MediaFetchError strings and leaked to lo...
CVE-2026-32982 OpenClaw < 2026.3.13 - Telegram Bot Token Exposure in Media Fetch Error Logs
OpenClaw before 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes Telegram bot tokens in error messages. When media downloads fail, the original Telegram file URLs containing bot tokens are embedded in MediaFetchError strings and leaked to lo...
CVE-2026-32982 OpenClaw < 2026.3.13 - Telegram Bot Token Exposure in Media Fetch Error Logs
OpenClaw before 2026.3.13 contains an information disclosure vulnerability in the fetchRemoteMedia function that exposes Telegram bot tokens in error messages. When media downloads fail, the original Telegram file URLs containing bot tokens are embedded in MediaFetchError strings and leaked to lo...
OpenClaw Telegram media fetch errors exposed bot tokens in logged file URLs
Summary openclaw versions /..., so the resulting error strings could leak bot tokens into logs, console output, or any downstream error surface that rendered the exception text. This issue is in scope under OpenClaw's trust model because the leaked secret is an OpenClaw-operated integration...
OpenClaw Identity Forgery Vulnerability
OpenClaw is an open source framework for Telegram bot rights management. OpenClaw suffers from an identity forgery vulnerability. An attacker can exploit this vulnerability to illegally manipulate bots by recycling usernames to disguise their identities and bypass privilege restrictions...
MAL-2026-1291 Malicious code in requests-lite (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d343c918303c251cdef262a6e1cbdff6ae797cf56115a81cfa5449732395b63b Clone of a legitimate requests library. The hidden code runs when using the requests functionality and starts a Telegram bot awaiting for remote commands. ---...
Malicious code in requests-lite (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d343c918303c251cdef262a6e1cbdff6ae797cf56115a81cfa5449732395b63b Clone of a legitimate requests library. The hidden code runs when using the requests functionality and starts a Telegram bot awaiting for remote commands. ---...
Malicious code in python-requirements (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40fa77c47c3649fce85f601f8aa10bf13674e5db4a2d35f125cb48b77d65f99d The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...
MAL-2026-1264 Malicious code in python-requirements (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40fa77c47c3649fce85f601f8aa10bf13674e5db4a2d35f125cb48b77d65f99d The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...
Malicious code in python-module-installer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 61bfa181c5afb9e33e0d529138c813fc05d8130062182d9d1a5cb4ef9c8da0ea The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...
Malicious code in dakhara (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f530f4be41fa64a7275884280c22fb98a85accb8ef50538cd7677a109bfe3e29 Running the package automatically starts a Telegram bot waiting to execute remote commands. The bot credentials are dynamically collected from the pastebin. --...
MAL-2026-1235 Malicious code in dakhara (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f530f4be41fa64a7275884280c22fb98a85accb8ef50538cd7677a109bfe3e29 Running the package automatically starts a Telegram bot waiting to execute remote commands. The bot credentials are dynamically collected from the pastebin. --...