https://0.0.0.0:10001 Contains only the most 10 recent entries. http://www.rssboard.org/rss-specification python-feedgen en Wed, 13 May 2026 18:25:10 +0000 https://0.0.0.0:10001/vuln/mal-2026-3657 --- _-= Per source details. Do not edit below this line.=-_ ## Source: ghsa-malware (fef1582aa7fb15599bd48e6f077be4d1a577d3916cf2c2650893f0406ede8ea3) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it. --- _-= Per source details. Do not edit below this line.=-_ ## Source: ghsa-malware (fef1582aa7fb15599bd48e6f077be4d1a577d3916cf2c2650893f0406ede8ea3) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it. https://0.0.0.0:10001/vuln/mal-2026-3657 https://0.0.0.0:10001/vuln/mal-2026-3656 --- _-= Per source details. Do not edit below this line.=-_ ## Source: ghsa-malware (44f072eff9ef90a204331ae1a03c5c4296929dbf88a05fff1a529e397548421a) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it. --- _-= Per source details. Do not edit below this line.=-_ ## Source: ghsa-malware (44f072eff9ef90a204331ae1a03c5c4296929dbf88a05fff1a529e397548421a) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it. https://0.0.0.0:10001/vuln/mal-2026-3656 https://0.0.0.0:10001/vuln/mal-2026-3658 --- _-= Per source details. Do not edit below this line.=-_ ## Source: ghsa-malware (04d9f5ba202651d252a375411cf609db6f9a7ae83f164f6f2e66559a6dff5b92) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it. --- _-= Per source details. Do not edit below this line.=-_ ## Source: ghsa-malware (04d9f5ba202651d252a375411cf609db6f9a7ae83f164f6f2e66559a6dff5b92) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it. https://0.0.0.0:10001/vuln/mal-2026-3658 https://0.0.0.0:10001/vuln/mal-2026-3659 --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (cc191d72f2f92d966897d0f635b53afecd9a62e8b63de13fff125a00377fcb63) Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-py-requests Reasons (based on the campaign): - rat - typosquatting - persistence - Downloads and executes a remote malicious script. - crypto-related - clipboard-modify - exfiltration-browser-data - exfiltration-crypto - infostealer --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (cc191d72f2f92d966897d0f635b53afecd9a62e8b63de13fff125a00377fcb63) Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-py-requests Reasons (based on the campaign): - rat - typosquatting - persistence - Downloads and executes a remote malicious script. - crypto-related - clipboard-modify - exfiltration-browser-data - exfiltration-crypto - infostealer https://0.0.0.0:10001/vuln/mal-2026-3659 https://0.0.0.0:10001/vuln/mal-2026-3662 --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (2bd2bd26870d2cf5df73c69bca7ed9088604eccf44727e4c59f0301cc8ccd35a) Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-py-requests Reasons (based on the campaign): - rat - typosquatting - persistence - Downloads and executes a remote malicious script. - crypto-related - clipboard-modify - exfiltration-browser-data - exfiltration-crypto - infostealer --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (2bd2bd26870d2cf5df73c69bca7ed9088604eccf44727e4c59f0301cc8ccd35a) Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-py-requests Reasons (based on the campaign): - rat - typosquatting - persistence - Downloads and executes a remote malicious script. - crypto-related - clipboard-modify - exfiltration-browser-data - exfiltration-crypto - infostealer https://0.0.0.0:10001/vuln/mal-2026-3662 https://0.0.0.0:10001/vuln/mal-2026-3661 --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (34c3e3d51b95102fd72f00c2b6c4bce7e34a801326dfbe7557f2d4346ed37508) Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-py-requests Reasons (based on the campaign): - rat - typosquatting - persistence - Downloads and executes a remote malicious script. - crypto-related - clipboard-modify - exfiltration-browser-data - exfiltration-crypto - infostealer --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (34c3e3d51b95102fd72f00c2b6c4bce7e34a801326dfbe7557f2d4346ed37508) Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-py-requests Reasons (based on the campaign): - rat - typosquatting - persistence - Downloads and executes a remote malicious script. - crypto-related - clipboard-modify - exfiltration-browser-data - exfiltration-crypto - infostealer https://0.0.0.0:10001/vuln/mal-2026-3661 https://0.0.0.0:10001/vuln/mal-2026-3660 --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (a1e0009e8bfad1a403632094f43e661b328b40a6f518db00b890712789e39734) Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-py-requests Reasons (based on the campaign): - rat - typosquatting - persistence - Downloads and executes a remote malicious script. - crypto-related - clipboard-modify - exfiltration-browser-data - exfiltration-crypto - infostealer --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (a1e0009e8bfad1a403632094f43e661b328b40a6f518db00b890712789e39734) Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-py-requests Reasons (based on the campaign): - rat - typosquatting - persistence - Downloads and executes a remote malicious script. - crypto-related - clipboard-modify - exfiltration-browser-data - exfiltration-crypto - infostealer https://0.0.0.0:10001/vuln/mal-2026-3660 https://0.0.0.0:10001/vuln/mal-2026-3663 --- _-= Per source details. Do not edit below this line.=-_ ## Source: ossf-package-analysis (c7439a1ad4a50c3852597bd31aaf7a3f15c53c2cb9f124b9b350e55517b5f592) The OpenSSF Package Analysis project identified 'chia-network' @ 1.0.0 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity. --- _-= Per source details. Do not edit below this line.=-_ ## Source: ossf-package-analysis (c7439a1ad4a50c3852597bd31aaf7a3f15c53c2cb9f124b9b350e55517b5f592) The OpenSSF Package Analysis project identified 'chia-network' @ 1.0.0 (npm) as malicious. It is considered malicious because: - The package communicates with a domain associated with malicious activity. https://0.0.0.0:10001/vuln/mal-2026-3663 https://0.0.0.0:10001/vuln/mal-2026-3664 --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (3e553fe0eea72dc43eab2696330acd6fbb3e4de8c95529eab6298411620c0c9f) Package installs malware identified as a backdoor or reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-workingitmehelpit Reasons (based on the campaign): - The package overrides the install command in setup.py to execute malicious code during installation. - malware - backdoor --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (3e553fe0eea72dc43eab2696330acd6fbb3e4de8c95529eab6298411620c0c9f) Package installs malware identified as a backdoor or reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-workingitmehelpit Reasons (based on the campaign): - The package overrides the install command in setup.py to execute malicious code during installation. - malware - backdoor https://0.0.0.0:10001/vuln/mal-2026-3664 https://0.0.0.0:10001/vuln/mal-2026-3665 --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (cf12b321da2b42ce2302bdccbb35304c4f4a47c7a5e273076467b269982c480f) Package automatically exfiltrate information about the system, including potentially sensitive data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-hackling Reasons (based on the campaign): - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk. - exfiltration-env-variables --- _-= Per source details. Do not edit below this line.=-_ ## Source: kam193 (cf12b321da2b42ce2302bdccbb35304c4f4a47c7a5e273076467b269982c480f) Package automatically exfiltrate information about the system, including potentially sensitive data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-05-hackling Reasons (based on the campaign): - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk. - exfiltration-env-variables https://0.0.0.0:10001/vuln/mal-2026-3665