964 matches found
MAL-2024-12085 Malicious code in mono-faucet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a9b64ffe282d49a1f13db908a30b2713843c5dc3ac78ec52d50c8bcf450e401 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12084 Malicious code in @shahwarhello/l2geth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d5aced97b470cf82beae6ab385323996a424bcf3bb43f800076b4e3158e6d701 The OpenSSF Package Analysis project identified '@shahwarhello/l2geth' @ 0.5.11 npm as malicious. It is considered malicious because: - The...
MAL-2024-12081 Malicious code in testbyakash2310please (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3ab898b094ec69febe5691ee0bb06b4040dc1dd9c9bb9632fd7b3d24d2b2870b The OpenSSF Package Analysis project identified 'testbyakash2310please' @ 69.0.0 npm as malicious. It is considered malicious because: - The...
MAL-2024-12077 Malicious code in layerzero-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e38548e48278e6b84fe1732117aef2c443aee26ea8e5694692002fe7342e1e30 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12076 Malicious code in api-demo-sample-lib1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware feb4cdcfd09bde3632e5027efd5e0378c93e89ab16f9e0f0e931586d1679412d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-12075 Malicious code in grafana-report-panel (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8623412527e3e107cf7a8046c236118472390191d5e456e969b6c628b3d708fa The OpenSSF Package Analysis project identified 'grafana-report-panel' @ 2.0.0 npm as malicious. It is considered malicious because: - The packa...
MAL-2024-12074 Malicious code in @rrvis/code-mapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 19a43a84b4d9f910d4a656a44cae41f44115366eb59777c6b6be77fd66de9fc8 The OpenSSF Package Analysis project identified '@rrvis/code-mapper' @ 99.99.3 npm as malicious. It is considered malicious because: - The packa...
Malicious code in yb2bacceleratorstorefront-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7d6b9ec48a872ef195c69f3ecee359b142d1f9bb683a236c67a0c96876efafd0 The OpenSSF Package Analysis project identified 'yb2bacceleratorstorefront-web' @ 1.0.0 npm as malicious. It is considered malicious because: -...
MAL-2024-12067 Malicious code in aauto-assign-team-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ef1fe2d72d5632ea92996b145c4713780023fe149d21e2f24e5ba190caf8100 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11929 Malicious code in @rrvis/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis feaaf40ea5d1af97c31051295c594dc2344a3337d6b9aba3e9ae1ed6451001f0 The OpenSSF Package Analysis project identified '@rrvis/ui' @ 99.99.2 npm as malicious. It is considered malicious because: - The package...
MAL-2024-11928 Malicious code in @rrvis/logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 11fa65d69306fc86aca5bb9af5b91bc3c1dd35766ab0f5dd010fb492799916bf The OpenSSF Package Analysis project identified '@rrvis/logger' @ 99.99.2 npm as malicious. It is considered malicious because: - The package...
MAL-2024-11926 Malicious code in tracking-protection-experiment (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7e3c4e6767c5b9de18b97979fd15fbe90fdc3b01d78bb3ce044f224e588787a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11925 Malicious code in com.unity.assetgraph (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dee635c5dd8d8b009c47b1924e679ac0f95c83a41bbff41ff4d9978f75dae3d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11923 Malicious code in non-existing-dependency (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a1d6cdc7e109d95350fca4106c87505a6e873352199682c0b1edc6cb36e3ea84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11919 Malicious code in yandex-pandora-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e7c8829575ea2c09d2db8f6f98a73635e882f6ac8084b06174761270128f3438 The OpenSSF Package Analysis project identified 'yandex-pandora-docs' @ 1.0.0 npm as malicious. It is considered malicious because: - The packag...
MAL-2024-11916 Malicious code in bitmex-node-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5cc7c20df046cd10e263fa37bcda6196d91e23537ce001e8ed4b9598700ad8b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11914 Malicious code in orderly.network (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14d606d970811240b8c005b7dc9ac5ee50ff9d2d77e9a14a34703c115392b1a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11932 Malicious code in bs-auto-dark-mode (npm)
This package has a preinstall script to download an execute a Go-variant of the Cobalt Strike beacon. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8a5c6958e14a49e20ebdd6902cdb4cad7872983ed4d39e94b625cc50a20314ac The OpenSSF Package Analysis project...
MAL-2024-11910 Malicious code in @bh-ui/theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d15abe0453d257e63379c13d84f7269d636310eb7d9abb1a0ae02740475e71ba Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in yir-image-gen (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6cf1af517e2c58b4cae223cb5d746eed91636fca7b9843a427577a641e12a0f7 The OpenSSF Package Analysis project identified 'yir-image-gen' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...