MAL-2024-7493 Malicious code in sap-active (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f78117a7c22adb22e2e09e1906545e768ab5e36bbd1a8b4e279b64201c4d3fe9 The OpenSSF Package Analysis project identified 'sap-active' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7495 Malicious code in sap-activkey (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5bcf3290f8461ce6ff5c8a8ebc248fd690b03bcb7506c7387a878e6b59c0e34a The OpenSSF Package Analysis project identified 'sap-activkey' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7498 Malicious code in sap-add (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 85f549efd6de238e8a117fb3cf7a8b574d3d7ea9cbcf639e22eef77987d7364a The OpenSSF Package Analysis project identified 'sap-add' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...

MAL-2024-7487 Malicious code in sap-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a86fb8f978ad82ca9de70f4315ffa1df414b3ff775a936c4e79ffff2f585c024 The OpenSSF Package Analysis project identified 'sap-action' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7489 Malicious code in sap-actionfile (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1ddc8179af4dd85a502b57776b8f45e5e370057c128851a174d17f16288db2de The OpenSSF Package Analysis project identified 'sap-actionfile' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7488 Malicious code in sap-action2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3a7074778f420cd6e72cd47c261e9d9628b1b4257940eb2224ba02a924ed3706 The OpenSSF Package Analysis project identified 'sap-action2' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7482 Malicious code in secnav (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a9e8a7599691831cd3f6a1111dfd17e5b50219d9eabcfffa1ff08edb10be6d8c The OpenSSF Package Analysis project identified 'secnav' @ 69.69.69 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7425 Malicious code in fake-package-apache-with-copyleft-dep (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dccffa1d5f84a8476d98fd5eed5c0401aba753ef0916b506d1b8f9687029351d The OpenSSF Package Analysis project identified 'fake-package-apache-with-copyleft-dep' @ 4.0.0 npm as malicious. It is considered malicious...

MAL-2024-7061 Malicious code in prpc-client-instance.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 890706b9c002912e24d6ea56d82d7736b12c82d91cc8dc4e7a2bc97e4c1d6d9e The OpenSSF Package Analysis project identified 'prpc-client-instance.js' @ 69.69.69 npm as malicious. It is considered malicious because: - The...

MAL-2024-1667 Malicious code in @wdp-gov/lineage-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b30855ea8cc386194da24bd8f34fefc9372384eef6482801222bd4b23fa7a172 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1659 Malicious code in openstad-component-forms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ce99b034a6f67b0bd613755012e00352d254a5b438c7d65a687a2e2e2458cd7e The OpenSSF Package Analysis project identified 'openstad-component-forms' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

MAL-2024-1647 Malicious code in tyk-developer-portal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6830a4dad414db435db7f758c7ca9a035d4571a5f4e1053c017e1ee603629e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1630 Malicious code in mvp-website-html (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 89574af4bb00d4c540ffc8651f5ef4bcc0f72af2368ee6e32346807e91d2e8a0 The OpenSSF Package Analysis project identified 'mvp-website-html' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-1628 Malicious code in rb-info-banner (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 795c3e45bb638b1058118c99f65db4e6f84244a2af7acbb4d6bd09a19b94dca6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in delta0231 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7df399fa1580fb8e64d7cd2481b0212f607aa8146a1b904b83a7af05ebb8031b The OpenSSF Package Analysis project identified 'delta0231' @ 100.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-1624 Malicious code in importlib-metadate (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b6db8994d6a78a5d0d95df2d0add2257ee6188f8c5419cbd7e2813426739d15d --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: baidu-readver Reasons based on the campaign: - The package...

MAL-2024-1611 Malicious code in employee-schedule (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71b36d3a13dcd71ba835e490919b150ec8fbc7de88517906ec7aecaaf89dcbab The OpenSSF Package Analysis project identified 'employee-schedule' @ 99.9.2 npm as malicious. It is considered malicious because: - The package...

MAL-2024-1588 Malicious code in leocare-new (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 311899bcdd83d3cd308268641290fc8fd0f503d308fc1bbf7488b5f0fab734cb The OpenSSF Package Analysis project identified 'leocare-new' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-1565 Malicious code in aws-public (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b192498364ed7190f44f00a98983087f969407bd217eadfed1c6353335eda7f7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1561 Malicious code in rb-payment-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4eb4113e8b820d0f3ed35205bfc6b682ce6bb937db31002b79c44bb723908e18 The OpenSSF Package Analysis project identified 'rb-payment-wallet' @ 0.1.2 npm as malicious. It is considered malicious because: - The package...