Lucene search
K

292 matches found

OSV
OSV
added 2026/06/08 10:18 a.m.12 views

MAL-2026-5320 Malicious code in openai-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c30f8b1a160c72529e2671b81be13ea671302e9bc3915ee84bd2212e0fdd5a3 The package name and module structure impersonate the official openai Python SDK the package even rewrites exported classes' module attribute to...

5.6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 10:16 a.m.10 views

Malicious code in tiktoken-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac746100211f13951c190e98140c6948be51d7be9257b2b26bcc9baef19be29f tiktoken-mcp impersonates the OpenAI-published tiktoken package: its METADATA copies the upstream Name/Summary, Author 'Shantanu Jain', Author-email...

5.5AI score
Exploits0References5
OSV
OSV
added 2026/06/06 6:13 a.m.16 views

MAL-2026-5300 Malicious code in funcdesc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a5756a79331cdda67721e39889609f5c0b5e342b678dbce2de97c94ec2dbe29 The package installs funcdesc-setup.pth, which Python auto-executes at interpreter startup for any environment where this package is installed. The.p...

6.3AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.12 views

Malicious code in phenopacket-store-toolkit (PyPI)

The package phenopacket-store-toolkit version 0.1.7 contains a malicious .pth file phenopacketstoretoolkit-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release...

5.5AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.10 views

Malicious code in executor-engine (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fee580000475783e657a2e66ca6a4a4bd4369aa0bc9f87152b003dca6f34848 executor-engine 0.3.4 ships a malicious site-packages.pth file executorengine-setup.pth that Python's site initialization auto-executes on every...

5.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.18 views

Malicious code in coolbox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c55bfdad112134e980af7568a9138be1e4b940f7bfbeebad2b0f85d9337a0f44 The wheel installs coolbox-setup.pth, a Python path-configuration file that Python auto-loads at every interpreter startup any python invocation...

5.6AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.12 views

Malicious code in pyphetools (PyPI)

The package pyphetools version 0.9.120 contains a malicious .pth file pyphetools-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an obfuscate...

5.5AI score
Exploits0References6
OSV
OSV
added 2026/06/06 6:13 a.m.13 views

MAL-2026-5282 Malicious code in mrbios (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d1c97dced5d8f917e2e9901e0ed99fb0034bfafb5a3d46ad47eeba76a883c57 The package installs mrbios-setup.pth into site-packages. Python auto-loads.pth files at every interpreter startup, so the contained payload runs...

6.2AI score
Exploits0References6
OSV
OSV
added 2026/06/01 12:0 a.m.7 views

MAL-2026-5148 Malicious code in @redhat-cloud-services/vulnerabilities-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/06/01 12:0 a.m.13 views

MAL-2026-5144 Malicious code in @redhat-cloud-services/notifications-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

5.9AI score
Exploits0References1
The Hacker News
The Hacker News
added 2026/05/20 11:38 a.m.26 views

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal organizations for sale on a cybercrime forum. "While we currently have no evidence of impact to customer...

6.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 5:0 a.m.15 views

Malicious code in @starmind/collector-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33a028c205d18a30d3ff150b1653336fefa0ac86a6e5242811b6fb2c3283af21 The package @starmind/collector-cli was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.15 views

PT-2026-42047

Name of the Vulnerable Software and Affected Versions @beproduct/nestjs-auth versions 0.1.2 through 0.1.19 Description An attacker used a compromised npm publish token to distribute malicious versions of the package containing payloads from the Mini Shai-Hulud npm supply-chain worm campaign. The...

10CVSS5.8AI score0.0007EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/adjust (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.11 views

Malicious code in @antv/gl-matrix (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.15 views

Malicious code in @antv/thumbnails (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.11 views

Malicious code in @antv/g-plugin-canvas-picker (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.13 views

Malicious code in @antv/g-mobile (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.11 views

Malicious code in @antv/async-hook (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.7 views

MAL-2026-4143 Malicious code in limit-size (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
Rows per page
Query Builder