Lucene search
K

138 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/27 7:40 a.m.3 views

Malicious code in @flight-common/models (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c5af2423bce8f82ab3bebfecba472bdcc04805388481ec19e96c245ca48ccd3b The OpenSSF Package Analysis project identified '@flight-common/models' @ 1.2.9213 npm as malicious. It is considered malicious because: - The...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/27 7:40 a.m.4 views

MAL-2025-42122 Malicious code in @flight-common/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 10b5cb816f030297707c6e9ae79f7916de698fd58c8b068b18ef716c7425240b The OpenSSF Package Analysis project identified '@flight-common/components' @ 1.2.9213 npm as malicious. It is considered malicious because: - T...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/21 3:25 p.m.4 views

Malicious code in @navancorp/ta-travel (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 475cb3266e9f473c951bb35f87e31b76f08d312ee1916977eb7a125f339f7b7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/20 3:6 p.m.4 views

Malicious code in @navify-platform/i18n (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 306d60012db44c48b4e577372019b8171e2eb15c6cfb80a9c1e5eb7df32149de The OpenSSF Package Analysis project identified '@navify-platform/i18n' @ 1.2.0 npm as malicious. It is considered malicious because: - The...

6.9AI score
Exploits0
OSV
OSV
added 2025/07/28 3:10 p.m.2 views

MAL-2025-6328 Malicious code in triple-equals (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d65cc69dec9f320438a4209e4c952480d78b96c779a019b6a09c04499b9e3edc When imported, the package attempts to exfiltrate environment variables and basic user info --- Category: MALICIOUS - The campaign has clearly malicious intent...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/26 10:22 a.m.3 views

MAL-2025-6327 Malicious code in react-nodes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f859f678cb85445cc8d486c034c1a9de313c92e4485d8dc546bab5be2823b71 The OpenSSF Package Analysis project identified 'react-nodes' @ 4.0.1 npm as malicious. It is considered malicious because: - The package execut...

7.4AI score
Exploits0
OSV
OSV
added 2025/07/24 4:0 p.m.1 views

MAL-2025-6321 Malicious code in ui-data-layer (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8a48f1cd7920a46266b710e80c45543e765af5de9e2944c114bf249efe69ce17 The OpenSSF Package Analysis project identified 'ui-data-layer' @...

7.3AI score
Exploits0
OSV
OSV
added 2025/07/24 3:1 p.m.3 views

MAL-2025-6224 Malicious code in google-protobuf-conformance (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8c56504427d8d150c02bac6d80c813025eafa11c3ed21419e5a3ce13a6c11ca6 Any computer that has this package installed or running should be considered...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/14 3:2 p.m.3 views

Malicious code in workspace-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6337f633e71ac4bbdd2541a6ff172f67246451a691838940e3578c7c7ba4ee18 The OpenSSF Package Analysis project identified 'workspace-loader' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/13 1:22 p.m.2 views

MAL-2025-6212 Malicious code in prospects (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3937cc0353b0952f14ff2d9e68216f857e4ffc01f688f600948c6d1b234915a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/08 8:34 p.m.3 views

MAL-2025-5762 Malicious code in vault-wallet-toolkit (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 038f9aa24c411c91137d75c5519d3628da39a251c2a955d2b651748359a746f0 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/05 2:23 a.m.6 views

MAL-2025-5624 Malicious code in cmr-graphql (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b805bd73c447ee03b3330e1a1ce27c4b8edef17d58376cd0a35c151f7c1250a0 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/02 11:35 p.m.2 views

MAL-2025-5538 Malicious code in k6-studio (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b163d493761fa12ed8094157415651ec1b22824f021a7483637346825e08cca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/06/28 4:53 p.m.4 views

MAL-2025-5306 Malicious code in maybe-i-would-like-a-banana (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 662fcbfd490d5409f2a17a156785c7d82b81e2c57e0c67d1ae701ccf49fff1b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/06/28 11:36 a.m.2 views

MAL-2025-5298 Malicious code in prototype-poisoning-package (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb7e50b04c4ffcf207fdb21b54873ca1488fe7dd526b90c1206bc830af9b111b Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
OSV
OSV
added 2025/06/25 7:55 a.m.1 views

MAL-2025-5271 Malicious code in magewire (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b5673177c3d8b559cc2235b1593c2c06131afd64553497997b2ab2664fc4e9fe The OpenSSF Package Analysis project identified 'magewire' @ 99.99.2...

7.3AI score
Exploits0
OSV
OSV
added 2025/06/24 10:36 a.m.3 views

MAL-2025-5269 Malicious code in fooldependgcbk8x (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 40edfccd147dc478664b7c35428ddcc41628c4bd8d11341b39de5092cf1ed958 The OpenSSF Package Analysis project identified 'fooldependgcbk8x' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7.4AI score
Exploits0
OSV
OSV
added 2025/06/21 12:59 a.m.3 views

MAL-2025-5211 Malicious code in cro-pricing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ad3153abfc5098f205551190f8a491deda5c4b47c00a18ed66800ef238c6b78d The OpenSSF Package Analysis project identified 'cro-pricing' @ 1.0.8 npm as malicious. It is considered malicious because: - The package...

7.3AI score
Exploits0
OSV
OSV
added 2025/06/01 8:49 a.m.4 views

MAL-2025-4623 Malicious code in helloworldmyworld (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ea11c9b6eb65ebdd9deee023e1154599bc86dce39350a49b2589c88f7dce2b31 The OpenSSF Package Analysis project identified 'helloworldmyworld' @ 1.999.2 npm as malicious. It is considered malicious because: - The packag...

7.4AI score
Exploits0
OSV
OSV
added 2025/05/31 6:47 p.m.2 views

MAL-2025-4609 Malicious code in moorkh_hai_tu (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3c9a195959b550bee1eca57f930d21864f781bd0d6be4f65b19ac06c4088570e The OpenSSF Package Analysis project identified 'moorkhhaitu' @ 1.2.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
Rows per page
Query Builder