Vulnerability
Malicious code in bt-burn-watch (PyPI)
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (94719a61950dd5cacc26b288c1fe8ef0d12f0e93720b4f1aa98cdf84ff148f0d) Package advertises Bittensor subnet burn-rate monitoring but the compiled core module's own docstring describes itself as a 'clipboard logger + Bittensor subnet burn rate monitoring' tool. defaults.env ships a hardcoded Telegram bot token (8666228137:AAF_NLMrow4cDf3uEJCl3JY7DeBHtovd1TU) and chat id (8766781014) commented 'Bundled for all pip install users'. When the user runs the documented `bittensor-burn-watch install` CLI, the package installs persistence via Task Scheduler (Windows), systemd (Linux) or LaunchAgent (macOS), polls the OS clipboard, deduplicates each unique string via a local SQLite store, and POSTs every new clipboard entry to api.telegram.org under the author's bot. The compiled core exposes `clipboard_already_sent`, `_claim_clipboard_text`, `_normalize_clipboard_text`, `_clipboard_fingerprint`, plus a Win32-API clipboard reader whose own docstring boasts 'no window flash' (anti-detection), and on Linux silently `apt`/`dnf`/`pacman`-installs wl-clipboard/xclip without prompting. The package is shipped as Cython-compiled.so files only (no Python source) for a tool that does nothing more than call a public REST API and send Telegram messages — compilation here exists to hide the clipboard-capture surface from casual `pip download && grep` audits. Given the Bittensor user base, clipboard contents typically include TAO wallet seed phrases, private keys, and exchange API keys. defaults.env also bundles the author's own taostats API key for all installers to consume. ## Source: kam193 (5a0dd195fc668347e830720566418c11620979a0c2344723fbddb1497d8bf9e8) The package contains code to steal clipboard content to a predefined remote location. If run in the right way, the code will periodically check the clipboard and if the content matches the pattern, exfiltrates it. Early versions contain this behavior mentioned in the README. The targeted data are likely cryptocurrency secret phrases. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2026-06-clip-logger Reasons (based on the campaign): - clipboard-stealing - crypto-related
No CVSS base score from NVD or GHSA yet. NVD typically scores within 24–72 hours of publication; GHSA usually within a day for OSS-flagged CVEs. Last record update .
For interim severity, fall back on KEV / EXPLOIT signals and the EPSS percentile (lower panel). Re-check this CVE after one cron tick — the score lands automatically when the source publishes.
FIRST.org publishes EPSS daily. Coverage isn't universal — pre-disclosure CVEs and reserved IDs don't carry an EPSS score until at least one exploitation signal lands. Score will appear within 24 hours of the next EPSS pull.
No exploitation, limited impact or prevalence