964 matches found
MAL-2024-10555 Malicious code in careers-job-detail (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16052b4d2e03953110406185695adc84ab3af8481eb5790e4b4c0f1421bc1b9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10547 Malicious code in @vkplay/shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8fae653de9f00dc321cbd5b08a89f89b71c2dd6fc14dc214b2eaeb5cbf298c35 The OpenSSF Package Analysis project identified '@vkplay/shared' @ 10.10.15 npm as malicious. It is considered malicious because: - The package...
MAL-2024-10544 Malicious code in refocus-real-time (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45da1f201ce53b0693ee1d8b969dfdcccc0ee919a86acf9efb6583538c7f6c47 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10542 Malicious code in akita-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 551f04343832933628b5f36ec11b0f08219b6ad2c16bdc366b56ce2977b5f721 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10561 Malicious code in koho-charity-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c05a6b955dc437e0c2b04e5972bf13ca55b00a97a48fe3d7cf1fa40a2f7b3abf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10535 Malicious code in deriv-app-id-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c03deb9ccf8f604f4e3ba191f6d8c2e3f94cc273950f13aafde768a468f13071 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in embrace-helloworld (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27c1c70726566294b9958ec5ab9d3af0e2d5e1c3dc9451f07055c6b650bfbd50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10559 Malicious code in embrace-helloworld (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27c1c70726566294b9958ec5ab9d3af0e2d5e1c3dc9451f07055c6b650bfbd50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10571 Malicious code in testing-logger-bush1do-c0de (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc1bbb3c397a2084cc727cb2602f294e9b5cd961d43cb28aab6ea576176edf41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10469 Malicious code in daumu (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d37e522b955b76b0e14a598bb86fa4057377c13ddfc51a8741a10957281602c8 The OpenSSF Package Analysis project identified 'daumu' @ 89.3.5 npm as malicious. It is considered malicious because: - The package communicate...
Malicious code in @bytedanc-ad/mui-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0b302cda103ab4e9d60bced8da79df7126ab12cceee30b5ca171d20bc10c1a77 The OpenSSF Package Analysis project identified '@bytedanc-ad/mui-react' @ 89.3.5 npm as malicious. It is considered malicious because: - The...
MAL-2024-10490 Malicious code in language-matlab (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c3bff0146045d9130d2bb2523e15b9f1e582a33f6ba1e2a33524ffe5bb05732 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in hybrid-sd (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4eda2147ea1298ff5478fd2930bbb036f0b939a970e6c5ee1e9897f451957bea A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-10833 Malicious code in deadiff (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2df6184aed182aff68ce47fcbff14053c6edb5e21b135ff4f34cccc7d4a9fc01 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in lanm-neo (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 efa3ccd45e68087966b1bc6c673003e04c9df5461bc25dc21fe59de689a38900 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in neursts (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 396f98ceccdb35758f23d2113965f447c1ec28a6c7d1a3fe82fe32cd6c1ce4e0 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in gr-mg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9299ffcce3856f06a694bb95009da56415f80f19ed8b67f444edbf4f3556ec77 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-10580 Malicious code in adandv (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fa4c35a5e7c5de24d29d3ccc2378bc8f5a64dc95c1a101df612ef9be69fc4ca5 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-10827 Malicious code in ohta (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7f2c34601fec54dbf6ebf413c8f72f306ce11e3e00b028828514fff920676e4c A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-10638 Malicious code in compressa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0cabf2172928d772d626ba857400e15f273fc925a9ff75e7f655ce461e9be498 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...