Lucene search
+L

4220 matches found

ossf
ossf
added last week11 views

Malicious code in testing-d3do (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c008bcf9a72a02f11c556396a39d6de999bfad0cfa389ddac01929d19bb34d8 On npm install, this package's postinstall script collects host identifiers os.hostname, os.userInfo, current working directory, and external IPv4...

5.9AI score
Exploits0References1
ossf
ossf
added 2026/07/08 2:20 p.m.13 views

Malicious code in domains-billing-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4860726efc056e319a24e46ac4e179809cc294267679a9b8122c5205b49369f1 [email protected] executes node index.js from its postinstall lifecycle script. On install, index.js reads os.hostname and...

6AI score
Exploits0References1
ossf
ossf
added 2026/07/03 8:5 p.m.8 views

Malicious code in debugcli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff9ad8188112d91f0ea673971f4421ca96dc7943ba12d65c7339c1aa75c2226e The package name debugcli shadows the popular debug package, and index.js is a thin re-export module.exports = require'debug' so callers observe...

6.1AI score
Exploits0References7
ossf
ossf
added 2026/07/02 9:11 p.m.11 views

Malicious code in unreal-horde-dashboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15cf7eca1e6de1e7ecc5fe67d8094125f20f6ca4256e843b72e89760c97888b8 [email protected] executes a preinstall script that runs automatically on npm install. The script collects host identifiers hostname,...

5.9AI score
Exploits0References2
osv
osv
added 2026/07/02 9:11 p.m.6 views

MAL-2026-6732 Malicious code in unreal-horde-dashboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15cf7eca1e6de1e7ecc5fe67d8094125f20f6ca4256e843b72e89760c97888b8 [email protected] executes a preinstall script that runs automatically on npm install. The script collects host identifiers hostname,...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/30 9:37 a.m.7 views

Malicious code in ripshakti1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 764edbf390c427ef99a9d9164034b966fbac251f00240bbb219825c0c92422a6 package.json declares a preinstall lifecycle hook node index.js that auto-executes on npm install. index.js queries the AWS EC2 instance metadata...

5.8AI score
Exploits0References1
osv
osv
added 2026/06/29 3:20 a.m.10 views

MAL-2026-6572 Malicious code in rebrandly-domains-digger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d1744d2a299b9ef0526f49b4b2297fcd6c72581c51a3359801db56318d8cfda The package declares a preinstall hook that runs node callback.js. On npm install, callback.js collects installer-side identifiers — os.hostname,...

5.8AI score
Exploits0References2
osv
osv
added 2026/06/28 1:5 p.m.7 views

MAL-2026-6559 Malicious code in lc-chatbot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81ca324fdc9c4ba5536abcd43972f1a506f4af99ace29447b66a17947b1b8606 package.json declares both preinstall and postinstall scripts that run node callback.js, so the callback fires automatically on npm install with no...

5.8AI score
Exploits0References1
osv
osv
added 2026/06/26 9:23 a.m.5 views

MAL-2026-6515 Malicious code in sqligen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de59ac5884f286d69e42a71ba0cb7b99aa06d2b1f0e28a279a84d3db86eb3196 setup.py contains an obfuscated install-time dropper that fires on Windows. Two functions with diagnostic-sounding names 'GetDefaultSystemPolicy' /...

6.5AI score
Exploits0References13
ossf
ossf
added 2026/06/25 5:20 p.m.9 views

Malicious code in @vpms/design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43ce5813fba2660b094a3e8a5c5a0bf2f1972530c294830c0a2e3d15dcd1b096 package.json declares preinstall="node index.js". On every npm install, index.js iterates process.env and harvests any variable whose name contains...

5.8AI score
Exploits0References5
ossf
ossf
added 2026/06/21 4:11 p.m.13 views

Malicious code in zomato-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dccb8b8b32337c2a257a763c273e03367ec07c904b5db0c07dbf514d546709d On npm install, the package's preinstall lifecycle script in package.json runs curl to POST the installer's hostname, current user whoami, working...

6AI score
Exploits0References1
ossf
ossf
added 2026/06/19 2:13 p.m.12 views

Malicious code in new-ts-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3721ae4cecdfa22793382d07d28a25ba5fabd54ac405cb94e642a1f96faee80 index.js imports childprocess and at lines 101 and 117 invokes execSync to run bash and zsh commands. Lines 9, 194, and 195 use Buffer.from...,...

5.9AI score
Exploits0References2
ossf
ossf
added 2026/06/17 3:45 a.m.15 views

Malicious code in cryptodao-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b5f3b7ec6eecce3d891664f33660a1c612cdd3c6ac99ba52633ef77a2df543c On npm install, the postinstall hook runs node recon.js, which harvests installer-side secrets and POSTs them over HTTPS with TLS certificate...

5.3AI score
Exploits0References1
ossf
ossf
added 2026/06/17 3:44 a.m.16 views

Malicious code in cryptodao-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39fca1d76ba65e01fbd3319d6752bb0dc896f9cc356676c6bfad3671d8b1e0d9 On npm install, the package's postinstall script recon.js harvests installer-side secrets and POSTs them to attacker-controlled webhook endpoints. Th...

5.3AI score
Exploits0References1
ossf
ossf
added 2026/06/17 3:39 a.m.11 views

Malicious code in cryptodao-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dbe5f8614a264a8d3cdd2ecf8ecd2ad17292dbb5c5bcc25d0ae9d77eb8821df package.json declares postinstall: node recon.js, which auto-runs on npm install. recon.js lines 30-46 scrapes a curated list of credential-bearing...

5.3AI score
Exploits0References1
ossf
ossf
added 2026/06/17 3:36 a.m.9 views

Malicious code in cryptodao-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03ac58e81310f19b32d136445eab91f7ddc776921ff8dfd08bdb91bcdd4a1da6 [email protected] ships a postinstall script recon.js that runs automatically on npm install and harvests installer-side secrets. The script...

5.3AI score
Exploits0References1
ossf
ossf
added 2026/06/16 2:14 a.m.16 views

Malicious code in setka-editor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9dd5cda5d5a0925c139a36f0ea4c69b96052ff203d7dc365ac119408ba76069 package.json registers both preinstall and postinstall lifecycle hooks that run node callback.js, which executes automatically on npm install...

5.8AI score
Exploits0References4
ossf
ossf
added 2026/06/14 9:54 a.m.15 views

Malicious code in ltidiconf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4ca306052ea5224831743daec9d3944fadff8cb4a7211e980be7669a739d00d [email protected] is an empty wrapper package index.js is module.exports = ;, empty author/description, inflated 99.9.1 version whose sole effect on...

6.2AI score
Exploits0References2
osv
osv
added 2026/06/11 8:25 a.m.11 views

MAL-2026-5624 Malicious code in edu-npm-postinstall-demo2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce30f195fb63661526196defd7d613a58ded58acd1208989400bf6267de6bfb1 On npm install, postinstall.js reads the installer's .env file from INITCWD, harvests environment variable values DEMO-prefixed, collects host...

5.3AI score
Exploits0References3
osv
osv
added 2026/06/11 1:22 a.m.13 views

MAL-2026-5540 Malicious code in @monitoring-lib/error-tracking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 491603ad44ed812c3d248696b00f7d4801a4c1dc23e4f23a3bb86f2ef499616d On npm install, the preinstall lifecycle hook in package.json runs a Node one-liner that reads the installer's hostname os.hostname and username...

5.5AI score
Exploits0References2
Rows per page
Query Builder