964 matches found
MAL-2024-10378 Malicious code in emtoolsjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7321939016853a0b9d475c175446320711a796542c1bad74fc3efe93fc4a956 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10379 Malicious code in @common-pattern/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 22ade4254f9af0310378acce0750c95eaba714619e5cda80c46ca9226d3c2b22 The OpenSSF Package Analysis project identified '@common-pattern/components' @ 8.2.9 npm as malicious. It is considered malicious because: - The...
MAL-2024-10358 Malicious code in lightseeq (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3d14d6932bfe1a879a7af0d37aa99c04a96678783d745e6587d5c95c39086e09 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in chameleon-sdk-android (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 589be22e021ff78ea28c1042adb0a595cec7ba04c5c4050009471dcd91d7de2c The OpenSSF Package Analysis project identified 'chameleon-sdk-android' @ 9.3.5 npm as malicious. It is considered malicious because: - The...
MAL-2024-10331 Malicious code in mixpanelexpo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c3835238b933b46ead226a6a905afb3250547ffd233f3efc2f8f9dab538d310c The OpenSSF Package Analysis project identified 'mixpanelexpo' @ 99.99.90 npm as malicious. It is considered malicious because: - The package...
MAL-2024-10324 Malicious code in finsys-webcomponent (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cce4759dae5c3e0526e14affa1a1dc24fd8a3f8189dc1c85bfdbb88cde5a7319 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10328 Malicious code in sc-meta-layer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e8afeccfd77a3b36e9c24aa1057807ba8f2a18972791b3cbc857e3d961e60d8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10299 Malicious code in @amagioss/js-timecode (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5cd0e634cb711f3c81ba053e00875d83653e7f7f70757ace4e3234b538bc5c88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10273 Malicious code in cms-ti-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7100910eea49836b4baf265c4f34b2964d486d5f305a31fc08cb57bf04ce96d5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10272 Malicious code in cms-hpti-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e35f9a2795b7a81d170feae4580fb5fab3f60a4f289259701395afe3031d0996 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in oneui.angular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bbff39f683b1b6c064ebc065aae50d8fd4123b1b53b7f90bed51db2d19562a6e The OpenSSF Package Analysis project identified 'oneui.angular' @ 99.99.99 npm as malicious. It is considered malicious because: - The package...
Malicious code in @sixsense/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0f021d4dc50ebf01ce5a1613889fcaddc92acd07499b0c461b306a6ad5407442 The OpenSSF Package Analysis project identified '@sixsense/core' @ 1.0.4 npm as malicious. It is considered malicious because: - The package...
MAL-2024-10227 Malicious code in @woody-mrs-potato/utils-banking (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1466f5d4f097f853c6a448bec817a35b2d4173df50bee1404ba4b46433387349 The OpenSSF Package Analysis project identified '@woody-mrs-potato/utils-banking' @ 1.0.5 npm as malicious. It is considered malicious because: ...
MAL-2024-9460 Malicious code in sling-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71488d197d0f61aaf0b4572ea62c47f0735db314374038355cbdf5735e7ca1b1 The OpenSSF Package Analysis project identified 'sling-sdk' @ 9.8.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-9454 Malicious code in ohcm-polymerase (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c32ed5d7615b41cea1ded4a590d20e42f353b3a6e43315a2eac25a8c63ab6607 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9452 Malicious code in pwn2day-shell (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0511d29fc5da2e5b913f1015e3a397abcd973ec98bffbff3b41a857ba68dab31 The OpenSSF Package Analysis project identified 'pwn2day-shell' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2024-9442 Malicious code in @ng-cat/common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0c0268f0af6152271247edc368914f17157c4261598da984de9ee52333993057 The OpenSSF Package Analysis project identified '@ng-cat/common' @ 9.99.9 npm as malicious. It is considered malicious because: - The package...
MAL-2024-9439 Malicious code in @ttspc/open_center_qf_detail (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a15a1727f1b14f403e9cffda24e402c7d16d8088d26e3bb7377d2d81ab791a52 The OpenSSF Package Analysis project identified '@ttspc/opencenterqfdetail' @ 100.100.102 npm as malicious. It is considered malicious because: ...
MAL-2024-9437 Malicious code in eslint-config-bc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6df69ef80bd1fa8d92354d60af1310a623bcc81f45747601445f423c670e0545 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9420 Malicious code in @ciam-expressjs-vanilla-samples/shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cc28deadcf9235665f79c65d92ca7684f27361c14efa6bcd44ad82b40947b9df The OpenSSF Package Analysis project identified '@ciam-expressjs-vanilla-samples/shared' @ 1.0.1 npm as malicious. It is considered malicious...