Malicious code in cubaflixdownload (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e301875480dd0a0265eef6c8d1a5b65ef85f1e2051d0e5491dcb4767c5f7b578 During importing, the code automatically starts a Telegram bot designed to download and save files locally upon a specific message in the channel. While this...

Malicious code in platforms (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 152f27ebcd7a8c662ffcbfe69086e0a50e71f73993bc7d97ce3bb67896c8a4dc During importing, the code automatically starts a Telegram bot designed to download and save files locally upon a specific message in the channel. While this...

Malicious code in dzuseragents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f0be670ad8e17f42129943a744559ebb8818c581bc637c1469cf8553b7b8f8c9 The package downloads an executable and adds it to autostart. The downloaded application then periodically creates a screenshot and sends it to a Discord...

Malicious code in langraph (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4d1857013d9ca781ba7579d60e20a1ee155ced90eef1e9d99045b8797e3e18be Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in magicwolf (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3d4f256ccd65da42e297351fbc7c15d4f3b25789c362d0d3419d580c4e07bf34 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

Malicious code in clawdest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cf31ecc1ce2cf9d018d5ea73c9ee8467f85efd2fda44d75dfd10797cb35778a2 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

Malicious code in sinon-web3-chain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0984c139608f25fa3bdb0532d380ee76d21328bb17bb2d72f996112391a4e239 The package sinon-web3-chain was found to contain malicious code. Source: ghsa-malware 19e2ec9a6d3e1d35b0423ee04424704fd978ba989624faa1485f07c6de16b3...

Malicious code in json-mapping-src (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc958aaacb5ea616283510ccda98b0a4634c35d348eece1613366ac66ad41abb The package json-mapping-src was found to contain malicious code. Source: ghsa-malware 8e7f8a61a6a361880bea88321b1f130627266e5f1d54e8aa9d9f47d64c99db...

Malicious code in troncloud (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c123c7a348b5856fcedbadf1312d14b224c100c7138bfeeb3eff610fbf9dc12 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

Malicious code in contosoapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f1c09ad3c513e077cb24b54846b698e241643d6da17abdd97bf340d6c574eec The package contosoapp was found to contain malicious code. Source: ghsa-malware 71f7d3632ccf62f3b5b7098862038118adec5bb42ab6a16b36c0c384eaf4d582 Any...

Malicious code in codexworld (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adbcf3a15ca44fb393a6c8e40217d59fb72f228be073dda7d50c70236131d586 The package codexworld was found to contain malicious code. Source: ghsa-malware f062939a6f9a6652f3a2e08c3192935b45ce6fd84970a96e43007d424e25b573 Any...

Malicious code in responsible-ai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05c11d73745aba3675053c5e949e3d5cf48ec050f6c5df589f613c094a8a038e The package responsible-ai was found to contain malicious code. Source: ghsa-malware 9b9159173d856834d97152b44c3f78779ff8f3dd4368b5d113920865417044c3...

Malicious code in pyrefly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f731c9ac1e4183a530b005b34a0e1331b1dc61ef8fc60aea56170766e444a48e The package pyrefly was found to contain malicious code. Source: ghsa-malware 588445ae77d1fbd6e2123a29bd2331067492d3a518d7dbbc3a1d57a400622e83 Any...

Malicious code in open-answer-engine-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c367c12ff794a5b5d5562c0a1a8ab6225007fc76fc23310d8ddc33dda56b8112 The package open-answer-engine-frontend was found to contain malicious code. Source: ghsa-malware...

Malicious code in pyright-root (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1eaf8655e85afe77da4f3a06955a2b7e0885d5368c78190ea0a24ddea43e8f9c The package pyright-root was found to contain malicious code. Source: ghsa-malware 3727564f455a7e3bfbec445ea294c58fd47eec9abfa1dfd95f701b5462d7e176 A...

Malicious code in responses-starter-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83a4aedeb600114d998f8a0351978f589d1d3e9d55ebe061e7d25e95db19d2c7 The package responses-starter-app was found to contain malicious code. Source: ghsa-malware...

Malicious code in ecosystem_ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4987a955f090814c8e125cdaca051b7d106fc4e853cc4e45bc253fbb444f8d94 The package ecosystemui was found to contain malicious code. Source: ghsa-malware 31a22a7e3ce76544adef6885be748f17910483d02a1f19395a520b918516ea63 An...

Malicious code in hxz-protection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13dc9932ef1f00aa6dc52dbc5bbb2a7b4096ff94d4dc575903837159d377ba18 The package hxz-protection was found to contain malicious code. Source: ghsa-malware bbf0a8985b32c32401ddf04b75ef930250aab926a54a6ae5dfce381386eb0876...

Malicious code in wropz-6module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b88cb695572ff176899ffcf9aed27987ea204493850e0bf4b17537d50b93dd59 The package wropz-6module was found to contain malicious code. Source: ghsa-malware 38cd1d5c8154310330369a075368b8556bcffed70470476c894f5d4feb1a2bae...

Malicious code in wropz-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48a8b0a5b3f12323a6bbc3014fa023b370236b8874253a47ed61930d4bbcee4d The package wropz-module was found to contain malicious code. Source: ghsa-malware fbe5a4f55692f6a9db6c052776dc2fcfd3825f7da077f3e45b67466cd4059bd0 A...

Malicious code in console-style-pro0o0o0o (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fe7407a5523ef7efe6bec615d9601fe978b9e5de59d19d7e8e2ff054c5e09e9 The package console-style-pro0o0o0o was found to contain malicious code. Source: ghsa-malware...

Malicious code in metadata-stripper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8c267045a16bae6cd73d8221edda625cfc4c3492849b92a48065fd3cbb2723a The package metadata-stripper was found to contain malicious code. Source: ghsa-malware...

Malicious code in xsstesting (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f21a18d9a86ac4934f1f0b7970e4530834a2fedfa1c2c3abbd3e2d3e3c664f9 The package xsstesting was found to contain malicious code. Source: ghsa-malware f0cd84b068f1b6a6bf2ac129128c0e052ca218788bc569eedce535a479333fc4 Any...

Malicious code in despicable-me (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80a6021ab3cbadc4a7b2c84dee85c1da3a01ecbab1b0a3b1e8aa1f6835a818ca The package despicable-me was found to contain malicious code. Source: ghsa-malware 8919618889f25d842da82fbc9462b9c95cfdcc8aaf393841f00b952d6f2e71f1...

Malicious code in magichat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b999f3f5762dc9bcb0dc2e91ef10116a368aca535d2f07fa2519e8d64bbc0902 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

Malicious code in displaydoc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c4ab5c0ca76295a578d62119bf6932953098ec9ecd0bb7f21b397da85b08d5b8 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in acpi-tables (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7388183e13e400f894ed9f6f93e05049f6f4719b1610d7c26a8b52bf88901266 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in arrayvec (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 39346af7e82bdb4aa8dca53b864258b9ffe328ea982aa3009b62b84d174ebe29 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in google-search-result (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7ada4db6050e81933dbf7a82d659e0793c79b0b8f771b3175b5ef4668563238a Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

Malicious code in @depro0x/despicable-me (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e512041534d296b22312d733434bb54944a4e026f6ddeaa493240cccc429ee9 The package @depro0x/despicable-me was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in stylelint-recommended (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3f0d274dda57eb9c09967bc0bfad1709fd8ddcbf3ec4c0e7e9828826e6d0d9a The package stylelint-recommended was found to contain malicious code. Source: ghsa-malware...

Malicious code in envoy1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f06e472b4bdab1dd15a395732da65c1814588afb9acec484f386061ec9c16b3c The package envoy1 was found to contain malicious code. Source: ghsa-malware 877dda74ff1a6579d4bd819a2f752baae0c5f7972ae585756a93dceb01dd57af Any...

Malicious code in ether-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91fd63bfdad336609f23485d2ef2ac2140053efbfb31aa2bec1811be7139db95 The package ether-lint was found to contain malicious code. Source: ghsa-malware c8e14ef98aaca0dc035a27f9edd6286e29e73d16c2b4e7c98ab1afe1e4740e35 Any...

Malicious code in b10connoisseur (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3b004210d186f2b625699f4d863f3ba95407f836eadfee0168be63f85124b5b7 During installation, package attempts to enumerate the environment and exfiltrates potentially sensitive data to a hardcoded location. --- Category: MALICIOUS ...

Malicious code in ritch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bc0d5c6c0c3175de2d5def02fe422574cfee5f7fe3a88f894de7122aa9dcf588 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in oraceldb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 723248915f1acb6de7c5bed00d0d554ced6b8cd6359d79436c8ab02f49f18360 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in krbutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ef5a16574ecd987f57925735cdbeb06062b47dc13fda6c1f30a68e9aba9571ad Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in pydantics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dda36b358c57e79abf804d53d4750cf2836f930b07aa524c0b5c4d231d92143f Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in pandaai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 df1ebe5561b29a204a7e66d7c192f0f6e3814311636ca14cdeffe47b8f812810 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in opentelematry-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 879b0fe2de803ae267b0c1084873f040a73d2efbd5bd5639e99da836350a48f0 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in marshmellow (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dbf6f50353e6489a831a2575831b93fd5f99a9cbd60cc30260fd13838beda73f Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in lala6992 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 03f1d0663411a521e65c618865d7a6e362db8597306c4c8c41d6226292ca7854 The OpenSSF Package Analysis project identified 'lala6992' @ 1.0.0 pypi as malicious. It is considered malicious because: - The package executes...

Malicious code in get-incorrect-name-bob (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cb10edcf75f6463de2adaa0a621cf5fb215b5431a87d36a3b94e1910fb774ab While disguised as a dummy MCP server, the only real functionality is exfiltrating hostname on importing. --- Category: PROBABLYPENTEST - Packages looking like...

Malicious code in express-gueues (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e3d2a703d47121d83fc4fd21e63f8757839d406f367dc4ddd52e28d8be2d72f The package express-gueues was found to contain malicious code. Source: ghsa-malware a3e7609fa317c76c61508c249616ae1c6b4d0ea5840b155a5d1196e5a5547934...

Malicious code in osopackagepy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 999886fcc5bada14ab742719f34eef0d929a1319b6011060b7e13e1598c292f0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in osopackage (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81f944909c442d3ce5de69ca15e63f1dc9aac8408cd2d3875794fde6ac0c4efd The package osopackage was found to contain malicious code. Source: ghsa-malware ea6582943b363713bda63ec879242935fe1a5f5efa7be40fbb87173570f642a0 Any...

Malicious code in systemtest-information (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b283c3ed09c8a8a50dfaab31abcd95b4f80f8db176720195a3a97712a40a0deb The package systemtest-information was found to contain malicious code. Source: ghsa-malware...

Malicious code in systemtest-network (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8fadd3f7e7470daeb4e977c85dbe226a9225b2c4eae6c269a4d85fc01e96681 The package systemtest-network was found to contain malicious code. Source: ghsa-malware...

Malicious code in chai-prop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6708dacd87e4aafa4ffafa5b20fff5ae416d6580ba01ddcaaa51ca08f0317c85 The package chai-prop was found to contain malicious code. Source: ghsa-malware 46a6572ddbd6c8ceef059f6e07126d160a849cf4912b1befe7b4523393c72484 Any...

Malicious code in config-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f672e0a6f875d710a8851da211ff30828bda3755c9f9aebcb56fd0430b134ae5 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...