964 matches found
MAL-2023-1134 Malicious code in chain00xtest3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d395f073dbbc2c8412d5341657a944edf74e11f1234dc1a97587fc4c3e6028c5 The OpenSSF Package Analysis project identified 'chain00xtest3' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1133 Malicious code in chain00xtest2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 80e4a9d4552592ce0f6795c5766700fad9ffb00693e9e153665354e7f4286917 The OpenSSF Package Analysis project identified 'chain00xtest2' @ 1.0.2 npm as malicious. It is considered malicious because: - The package...
MAL-2023-296 Malicious code in dvknpm-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 699740896647f6c3926d3579cb62aaf2d4cb804f000f96f4ad3d049f5c176b13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1175 Malicious code in eslint-config-mirakl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a0a25468bc92620eecf8b46085022ddaa259cf5b4ef94bb98423249eeba1e308 The OpenSSF Package Analysis project identified 'eslint-config-mirakl' @ 22.5.15 npm as malicious. It is considered malicious because: - The...
Malicious code in dragonsense-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b16039afbf251f78d8c6adf4bb07342e8c112167bef9e0749651dacbdaf12c26 The OpenSSF Package Analysis project identified 'dragonsense-config' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-540 Malicious code in js-integration-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fdf524832b5a7754384bb05dae5fb10558591f104915c2f9b5518db338003a92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1319 Malicious code in testipaketti_keketester (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0d80c6896d6f1131eb5e9b88ce8f72fdfd575ff8f7666be6c09eccc7e1b13798 The OpenSSF Package Analysis project identified 'testipakettikeketester' @ 1.0.3 npm as malicious. It is considered malicious because: - The...
MAL-2023-333 Malicious code in fc-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77f6035edb9c1d932bd670b4ecd252c5ad1d38ae3ff39f0f2d3e68ca68a1d99f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-352 Malicious code in fc-iban (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 835c3aed532f26ad6a891ed3275291ab1fda39d7c0a7e81d5420062466a514aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-538 Malicious code in jquery.select2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6dd7d61b3b3371967b1ec5a01455d7ec3bd6dc3372a8e399b6696c388394419 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1380 Malicious code in nagogypython (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8117b3cdd9aba1b5856d49e08ba3977736b12be51244aad3554dbf722156a220 The OpenSSF Package Analysis project identified 'nagogypython' @ 11.13.8 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1239 Malicious code in mongoose-geojson-schema-2d (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f64dbcc8b994e165e387b83aad34a6af319aafa0fe13b67eb52d8c5fb286e34f The OpenSSF Package Analysis project identified 'mongoose-geojson-schema-2d' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
MAL-2023-1085 Malicious code in @mddsfmsdflm/itemselector (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 88f4e295b9c4b793c8ffbdc4077606b6d5b61c41ab83b85bda2b46680c678174 The OpenSSF Package Analysis project identified '@mddsfmsdflm/itemselector' @ 103.0.9 npm as malicious. It is considered malicious because: - Th...
MAL-2023-602 Malicious code in mintel-react-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0a1835239b54b7888436777e7e123e588fdbf2fe1ca95d9162e6803d5027515e Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
MAL-2023-851 Malicious code in test-op-solhint (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f8f315fe20128ae26be541522255c4eeab47ec166f70e54ca5a2c6cb533ae67 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1420 Malicious code in this-is-malware (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a09f1ea3e612edb3afa0fb412d98d5c1ce03b4303b89288ce84357b49b25a3ac The OpenSSF Package Analysis project identified 'this-is-malware' @ 0.1.0 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1349 Malicious code in yelp-js-error-reporting-init-error-reporting (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b0ef31127203cf701c7aa890cdebf10454c53c989cb98015927e9b62881c7bf6 The OpenSSF Package Analysis project identified 'yelp-js-error-reporting-init-error-reporting' @ 19.20.20 npm as malicious. It is considered...
MAL-2023-1169 Malicious code in ee-cloud-functions (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 81e2426558f083dcdd4aade89e23d39e99ff609b2ec96c53490a9cd4927f98d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1213 Malicious code in int_access_worldpay_sfra (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97111e27f0fa3c0c573ceec6fba991c479ff7517b8043bdce5bb5150aa6644e8 The OpenSSF Package Analysis project identified 'intaccessworldpaysfra' @ 99.19.19 npm as malicious. It is considered malicious because: - The...
MAL-2023-1383 Malicious code in opencv-keras (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1f3dbc8704eb128ec656854e38ccd3c45d1232978eed378bb7711837dddd09bf The OpenSSF Package Analysis project identified 'opencv-keras' @ 17.10.13 pypi as malicious. It is considered malicious because: - The package...