GHSA-FQW7-8V6M-2F86 Malicious Package in hulp

All versions of hulp contain malicious code as a preinstall script. When installed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and...

Malicious Package in froever

All versions of froever contain malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opened a backdoor...

GHSA-2R8F-2665-3GXQ Malicious Package in froever

All versions of froever contain malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opened a backdoor...

GHSA-8MMF-QP7J-2W24 Malicious Package in colour-string

Version 1.5.3 of colour-string contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and key...

Malicious Package in colro-name

Version 9.0.0 of colro-name contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys...

GHSA-JP9G-5X75-CCP8 Malicious Package in colro-name

Version 9.0.0 of colro-name contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys...

Malicious Package

m-backdoor is a malicious package. The package contains a preinstall script that originates from a remote server. The script potentially allows an attacker to execute arbitrary code on the victim's system...

Malicious Package

yoeman-generator is a malicious package. The package contains malicious code existing as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server,...

Malicious Package

log-symboles is a malicious package. The package contains malicious code exeisting as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server,...

Malicious Package

require-port is a malicious package. The package contains malicious code existing as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server,...

Malicious Package

emberclibabe is a malicious package. The package contains malicious code existing as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server,...

Malicious Package

8.9.4 is a malicious package. The package contains malicious code existing as a preinstall script. The package reads the system's SSH keys but does not upload it to a remote server...

Malicious Package

Overview Versions 1.0.2, 1.0.3, 1.0.4 and 1.0.5 of 8.9.4 contain malicious code as a preinstall script. The package reads the system's SSH keys but does not upload it to a remote server. Recommendation Remove the package from your environment. There is no evidence of further compromise at the...

Malicious Package

Overview All versions of sdfjghlkfjdshlkjdhsfg contain malicious code. The package is essentially a worm that fetches all packages owned by the user, adds a script to self-replicate as a preinstall script and publishes a new version. Recommendation Remove the package from your environment and...

Exploit for Improper Input Validation in Apple Mac_Os_X

CVE-2019-8561 Proof of concept exploit for CVE-2019-8561 disc...

Malicious Package

Overview All versions of test-module-a contain malicious code as a preinstall script. The package fetches all names of npm packages owned by the user and attempts to add another maintainer to every package as a means of package hijacking, Recommendation Remove the package from your system. If you...

Malicious Package

Overview Version 1.0.0 of rimrafall contains malicious code as a preinstall script. The package attempts to remove all files in the system's root folder. Recommendation If you installed this package it is likely your machine was erased. If not, remove the package from your system and verify if an...

Malicious Package

Overview All versions of hulp contain malicious code as a preinstall script. When installed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation Any computer that has this package installed or running should be considered fully compromised. All...

Malicious Package

Overview All versions of froever contain malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opened a...

Malicious Module

bowee has a malicious module in the form of a preinstall script. The script gets a backdoor file from a remote server and executes it, subsequently giving full control of the computer to an external malicious entity...