vulnerablecode icon indicating copy to clipboard operation
vulnerablecode copied to clipboard
verified publisher icon nexB

Collect some PyPI malicious packages

Open pombredanne opened this issue 6 years ago • 1 comments

The data from this Slovak agency https://www.nbu.gov.sk/skcsirt-sa-20170909-pypi/ seems intersting and not always in CVE

pombredanne avatar Nov 14 '19 20:11 pombredanne

This SK CSIRT does not seem to public advisories consistently. But https://github.com/hrbrmstr/pypi-malicious-packages/tree/master/data has some historical malicious PyPI packages that we should collect.

pombredanne avatar Oct 15 '24 12:10 pombredanne