55 matches found
MAL-2026-5840 Malicious code in testpackagemanyhttpsgo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 336f39e218fe5b5a09ef8ee7757efa7a0ca73c0fe6571bc232d735448499a950 At install time, setup.py fetches https://tmpfiles.org/dl/wawHVGgfydD7/6a306c5f03a52.exe via urllib, writes the response to disk, and executes it wit...
MAL-2026-5819 Malicious code in mozautomation (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 26d0e7dfb965969f23786d4bde7d70e597b83df522434aea471171d48442cd12 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-5797 Malicious code in neurodrift (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1b632fa784b6125daaba0e4a2b9e775bc4fec21c7d41127b887f9dfe6e873ce0 During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...
Malicious code in llmfree (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e779d2361b98c48a801fb29dedf2931f94b4264314d074895e14482ad0d5a15f During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...
MAL-2026-5768 Malicious code in bash8 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 375ef978992bd3c12f8778e62d2c6f8a105fa3a15cc508db6d8dd6043fd7507c setup.py overrides the install command with a custom InstallWithBeacon class that, on pip install, collects the installer's hostname via...
Malicious code in easyllmai (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4589bbb71e0bb3589a162bf2102bba5e8bf7124d3988235647d1e3c1d01821d0 During pip install, setup.py performs an unauthenticated HTTP fetch of https://pastebin.com/raw/yBcUM1QB, takes the first line of the response, and...
[SECURITY] Fedora 42 Update: python3.9-3.9.25-9.fc42
Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...
Malicious code in gd-auth-sso (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8f23b8545f85df66640646272b028ab4db1032fcb4fd5bbd745971b3438cc4f1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in noonhelpers (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c2cb54ce39fd435f904d72dbbb5eef46166291adcd5106ea8d74d3c3c66aa3a5 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
[SECURITY] Fedora 43 Update: python3.9-3.9.25-7.fc43
Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...
MAL-2026-2151 Malicious code in tap-wordpress (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 53e2ce83230d861f844469c970eee52f778a63852ef04de9007e9bb8f883256e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in simple-text-parser (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 028015ffba2e58b87cbc6405ccb9358c194b81fafea44e7359587509510d4027 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in demozecox (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b32c6e6d2566a58b9a104d162c060982bff488fa547fb706c43553d0b7185ccb Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious code in prateek-yadav23 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e73aa57c13235ec4d3bcf7aa6139bb5a1bdbade9d72ae81a20c291766b9ac7ab Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...
Malicious Package
Overview testing-package-xdsfdsfsc is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-814 Malicious code in http-notifier-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 876fd5ae23d7c051fa55647bc5b152a7905505782e78ca9536b161318d2e000f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in testing-package-xdsfdsfsc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 128bcd8c35be8360c070b2fc3bbb64392b17fd5c576efdc7d99e2722d992bc44 The package testing-package-xdsfdsfsc was found to contain malicious code. Source: ghsa-malware...
MAL-2026-704 Malicious code in testing-package-xdsfdsfsc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 128bcd8c35be8360c070b2fc3bbb64392b17fd5c576efdc7d99e2722d992bc44 The package testing-package-xdsfdsfsc was found to contain malicious code. Source: ghsa-malware...
MAL-2026-510 Malicious code in radishwxm5 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4cbabb01d98bcad5705b98f5aac22b9d8f53e8c97e2fe5ab8bca66661e6c0644 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in test-poc-package-for-session-2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0b7003b7bd9585bbb25ce1f957ffef83603883d550f07f77443780a7d47a7f20 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...