Malicious code in flycord (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b2071af47a4b327550f5614253b291b893e0741e6f2ebe3b4378a4794696d211 When the user uses the provided library, this package silently reports basic information and the result of the user's action to a hardcoded, obfuscated URL...

Malicious code in inkpy-jinja (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c230bd12491edc91bbbc1080b2d650c4889a8b9269b85a346839a32900bfad2b Packages are designed to collect basic info about the user when importing them, and have no other purpose. While they claim to do so, some packages from the sa...

Malicious code in ttat-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 171a49cab7c7b9f2c358c0e14882706dcd80cde089799698400155ee26240e80 Collects basic information about the system, most probably a pentest or bug bounty. --- Category: PROBABLYPENTEST - Packages looking like typical pentest...

CVE-2023-49278 Umbraco CMS brute force exploit can be used to collect valid usernames

Umbraco is an ASP.NET content management system CMS. Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, a brute force exploit can be used to collect valid usernames. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue...