Lucene search
K

33 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 2:10 a.m.16 views

Malicious code in @ci-lifecycle-test/postinstall-ping (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75c160ad40a237c1e682c696ebd0aec2861ca072f47bd5b725bc80f7f95ed509 The package's postinstall lifecycle script postinstall.js executes automatically on npm install and POSTs the JSON-serialized contents of the entire...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/09 4:7 p.m.12 views

MAL-2026-5389 Malicious code in @0xlr/stripe-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eda7bf8681a6253ffc4bc965888e45c5374e4ba8d4fe2e17efcd0f227d7ce5e On npm install, postinstall.js enumerates every entry in process.env sorted, bundles it with hostname, username, homedir, cwd, argv, and platform/arc...

5.5AI score
Exploits0References1
Snyk
Snyk
added 2026/05/11 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS5.8AI score0.02342EPSS
Exploits3References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.9 views

Malicious code in transform-regexp-constructors (npm)

The package 'transform-regexp-constructors' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/12 4:23 p.m.5 views

Malicious Package

Overview syntax-trailing-commas is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior T...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.3 views

Malicious Package

Overview syntax-do-expressions is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior Th...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.3 views

Malicious Package

Overview dazaar-payment is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The packa...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.6 views

Malicious Package

Overview babel-compile-templates is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.7 views

Malicious Package

Overview transform-json-strings is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior T...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.5 views

Malicious Package

Overview undeclared-variables-check is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavi...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.4 views

Malicious Package

Overview syntax-exponentiation-operator is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.4 views

Malicious Package

Overview todo-plz is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The package use...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.3 views

Malicious Package

Overview transform-dev-warning is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior Th...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.3 views

Malicious Package

Overview transform-proto-to-assign is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavio...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.3 views

Malicious Package

Overview typescript-type-graphql is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.3 views

Malicious Package

Overview transform-es2015-shorthand-properties is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.3 views

Malicious Package

Overview transform-dev is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The packag...

9.8CVSS5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/03/12 4:23 p.m.6 views

Malicious Package

Overview jsx-dev-runtime is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The...

9.8CVSS5.9AI score
Exploits0References3
Rows per page
Query Builder