Lucene search
K

6054 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added yesterday4 views

Malicious code in client-cookies-agent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12870ae203f2612ab2bf9e796583acba17914cd4699909156f86c643fcf51f24 package.json declares postinstall=node index.js, which runs automatically on npm install. index.js collects host identifiers via os.hostname,...

6.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago5 views

Malicious code in none123s (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c28e7ef260830adb9561488c487960b12e00bd6939daf8ed8e3a239ec9530699 package.json declares a prepare lifecycle script node index.js || true that auto-executes on npm install. index.js reads canonical installer-secret...

5.9AI score
Exploits0References18
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago7 views

Malicious code in airkey-mfa-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector addd30fd6d90110d178ea017b2968c6014dab0e8304bdfeb55b13612a75f61da Package auto-executes a preinstall script node test.js on npm install that collects username, hostname, platform, Node version, and CI flag and POSTs...

5.9AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago4 views

Malicious code in domains-billing-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4860726efc056e319a24e46ac4e179809cc294267679a9b8122c5205b49369f1 [email protected] executes node index.js from its postinstall lifecycle script. On install, index.js reads os.hostname and...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago14 views

Malicious code in @vwfs-its/sf-sac-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41fd62df844e3fba17cb6200b0c9f2ce518a630677ed96f4cf0349b2a3eb7a3d On npm install, the package's preinstall hook node index.js collects installer host identity — hostname, OS user info, output of whoami and id, shell...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago5 views

Malicious code in gitlens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c60743ac7b975c729e8ff8bd5310f71fce030efc3979f419f60e129921364ae7 package.json declares a preinstall lifecycle hook that runs curl https://bt8hbz0owdan31qvdap2u5b8izoqcg05.oastify.com on npm install. oastify.com is...

6.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago6 views

Malicious code in zluri-ad-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7a807f066f0255f7480ebd7d445043282260b464b0ef54a32a2d022c93bbf7 The package declares a preinstall hook node index.js that runs automatically on npm install. index.js requires os, dns, https, querystring, and the...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago7 views

Malicious code in gen-ai-opt-in (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3653831a01d3068b12688a9f6ae11926a1b1edde27f8f37a6c48f3f0dba99231 On npm install, postinstall.js executes automatically and collects installer host identifiers os.hostname, os.userInfo.username plus public IP/geo da...

5.9AI score
Exploits0References4
OSV
OSV
added 5 days ago3 views

MAL-2026-6761 Malicious code in gen-ai-opt-in (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 371ed0f5f59f881d5fa2a296e7e3d44833f1ae46129da09714cab2edadcf440a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSV
OSV
added 5 days ago3 views

MAL-2026-6792 Malicious code in wsh4-nmp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae8d49fb38a00054e408984deccb85f6486ffa7aa61c31ad01402413143168d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago9 views

Malicious code in @adobesign/as-dev-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6752e4d30c584cb5ca6f67265c983257c1531aa306b47ec00b43ddae83fe2532 The package's package.json declares a postinstall lifecycle hook that pipes the output of whoami through curl to a hardcoded Burp Collaborator...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added last week5 views

Malicious code in debugcli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff9ad8188112d91f0ea673971f4421ca96dc7943ba12d65c7339c1aa75c2226e The package name debugcli shadows the popular debug package, and index.js is a thin re-export module.exports = require'debug' so callers observe...

6.1AI score
Exploits0References7
OSV
OSV
added last week3 views

MAL-2026-6790 Malicious code in debugcli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b27bc49b2d8ef30848d427f7d6ec702eaed3b5bcc49f5fd4384183f228e2c50a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 9:32 p.m.8 views

Malicious code in epic-internal-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8936b0c0d22097170c5eb02c9b183611934e59e7a3c97f94e3a269e13f0d4d5 The package.json preinstall script auto-executes on npm install and performs installer-side reconnaissance and credential theft. It collects...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 9:20 p.m.6 views

Malicious code in ue-automation-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbc2db9a2a365d53d76fe7ca2a8f219f98118d99b53698cf7ce8b31cf81eda3f Package name 'ue-automation-scripts' with version 99999.0.0 is the canonical dependency-confusion shape used to hijack installs on internal CI system...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 9:12 p.m.9 views

Malicious code in robomerge (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b8f632bbc34b020f78b4dec06ddf1bc50194ce117dfe609484d05edc76d7790 package.json declares a preinstall lifecycle script that fires automatically on npm install. The script collects installer hostname, username, cwd,...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 9:11 p.m.6 views

Malicious code in ue-jenkins-buildkite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3f4ff9ea00766589ae9dece7648aa4ce29ac9bc82173fce0a1adefaeb6c8f5a [email protected] is a dependency-confusion package targeting an internal Epic Games / Unreal Engine CI namespace name evokes...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/28 1:5 p.m.6 views

Malicious code in lc-chatbot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81ca324fdc9c4ba5536abcd43972f1a506f4af99ace29447b66a17947b1b8606 package.json declares both preinstall and postinstall scripts that run node callback.js, so the callback fires automatically on npm install with no...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/28 1:5 p.m.6 views

MAL-2026-6559 Malicious code in lc-chatbot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81ca324fdc9c4ba5536abcd43972f1a506f4af99ace29447b66a17947b1b8606 package.json declares both preinstall and postinstall scripts that run node callback.js, so the callback fires automatically on npm install with no...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/26 9:10 a.m.7 views

MAL-2026-6513 Malicious code in dtxto1ols (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 926fc822a2a507fafa6d2e1bb02a9b2bada7d89d3042bd3f0cac0ba2fd7c1991 package.json declares a postinstall script that runs automatically on npm install. The script performs filesystem reconnaissance find / -type f...

5.8AI score
Exploits0References1
Rows per page
Query Builder