354 matches found
Malicious Package in harmlesspackage
Version 0.0.1 of harmlesspackage contains malicious code as a postinstall script. The package printed a message to the console and performed a GET request to a remote server. Recommendation Remove the package from your environment. There is no evidence of further compromise...
GHSA-8HMR-W35F-3QGJ Malicious Package in harmlesspackage
Version 0.0.1 of harmlesspackage contains malicious code as a postinstall script. The package printed a message to the console and performed a GET request to a remote server. Recommendation Remove the package from your environment. There is no evidence of further compromise...
GHSA-JF8X-WG7F-P3W8 Malicious Package in cage-js
All versions of cage-js contains malicious code. The malware downloads and runs a script from a remote server as a postinstall script. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should...
Malicious Package in cage-js
All versions of cage-js contains malicious code. The malware downloads and runs a script from a remote server as a postinstall script. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should...
GHSA-G9WF-393Q-4W38 Malicious Package in only-test-not-install
All versions of only-test-not-install contain malicious code. The package deletes the folder /test from the system as a postinstall script. Recommendation Remove the package from your environment. There are no further signs of compromise...
Malicious Package in my-very-own-package
All versions of my-very-own-package contain malicious code. The package sends the output of process.versions, process.arch and process.platform to a remote server in a postinstall script. Recommendation Remove the package from your environment. There are no further signs of compromise...
Malicious Package in maybemaliciouspackage
All versions of maybemaliciouspackage contain malicious code. The package prints the system's SSH keys to the console as a postinstall script. Recommendation Remove the package from your environment. There are no further signs of compromise...
GHSA-W3F3-4J22-2V3P Malicious Package in destroyer-of-worlds
The package destroyer-of-worlds contained malicious code. The package contained a bash script that was run as a postinstall script. The script deleted system files and attempted to exhaust resources by creating a large file, a fork bomb and an endless loop. The script targeted UNIX systems...
Malicious Package
1337qq-js is a vulnerable package. In the postinstall script, the package targets UNIX systems by reading system files, environment variables and npmrc file, and exfiltrates the information to an external server at 119.28.41.206 on port 9999...
AZL-44988 CVE-2016-4983 affecting package dovecot 2.3.20-1
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files...
CVE-2016-4983
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files...
Code injection
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files...
CVE-2016-4983
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files...
CVE-2016-4983
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files...
Malicious Package
harmlesspackage is a malicious package. The package contains malicious code existing as a postinstall script. The package printed a message to the console and performed a GET request to a remote server...
Malicious Package
Overview Version 0.0.1 of harmlesspackage contains malicious code as a postinstall script. The package printed a message to the console and performed a GET request to a remote server. Recommendation Remove the package from your environment. There is no evidence of further compromise. References...
Malicious Package
Overview All versions of cage-js contains malicious code. The malware downloads and runs a script from a remote server as a postinstall script. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that comput...
Malicious Package
Overview All versions of only-test-not-install contain malicious code. The package deletes the folder /test from the system as a postinstall script. Recommendation Remove the package from your environment. There are no further signs of compromise. References GitHub Advisory...
Malicious Package
Overview All versions of my-very-own-package contain malicious code. The package sends the output of process.versions, process.arch and process.platform to a remote server in a postinstall script. Recommendation Remove the package from your environment. There are no further signs of compromise...
Malicious Package
Overview All versions of maybemaliciouspackage contain malicious code. The package prints the system's SSH keys to the console as a postinstall script. Recommendation Remove the package from your environment. There are no further signs of compromise. References GitHub Advisory...