Lucene search
+L

171 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in abuden211 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b56fab3567bb384777773b6a1a1793f1842ae69d9937268e4c6d837072f51ac The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/07/07 3:34 p.m.11 views

MAL-2026-6930 Malicious code in annotator-harvardx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e60352f3188693c150a75a0c785e9398fd12270a4cd481c3bcb411993beffbbd The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 7:0 p.m.11 views

Malicious code in winston-prism (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06134c2a9c642914c91312e4d0184158fda282ec1bb3715fc143e7834993e266 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:53 p.m.10 views

Malicious code in logger-beauty (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29f894c613d7ea8f407e4515aca877e6f13b5bb8e72530ce8032a534336b5a25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/30 4:18 p.m.9 views

MAL-2026-6687 Malicious code in procwire (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011cf28d546459d946b1ed6d92c3beb4cb7c5322d6a9370d52fcd40e9a81ac2f On Windows, installing [email protected] automatically downloads and executes an attacker-controlled executable. The package.json preinstall script runs...

6.3AI score
Exploits0References3
OSV
OSV
added 2026/06/15 11:47 p.m.8 views

MAL-2026-5847 Malicious code in reading-cookies (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d137cd4e8e7fc6d323c33ed04a87a97b152b217f948d01fae3172900751bf121 On import, the package's middleware spawns a detached node lib/caller.js child process. caller.js decodes a base64-obfuscated URL...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 9:5 a.m.20 views

Malicious code in ts-iter-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52fbece62de86bd0498245046503745a1c94d8be949096277c47cd4a01f99dcf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 8:11 a.m.16 views

Malicious code in mobile-international (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 543efd73c4d2860379f7e412db8f3ddb33401c3788a2a18f5ec0648e33b51a33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/25 8:9 a.m.15 views

MAL-2026-4342 Malicious code in wm-w5g-preview (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5bc0860496300da0db2cc794dea65576b86229a620d4de1b2da80ad79caa333f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/14 3:49 p.m.7 views

MAL-2026-3731 Malicious code in mrgn-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16fe2927853a543269a7eb66273bfea477dd040bc2e90f40d9b3642e9d138f5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 12:26 a.m.14 views

Malicious code in @squawk/navaid-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 966263f7b58fca4470e282294f432c7c78d25b154b3c6daf6580d2b426a5e004 The package @squawk/navaid-data was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 12:18 a.m.10 views

Malicious code in @squawk/fix-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 624b956af551986dc49e0004c6e0c804f3b48f57216b63bb5784c9c236e866da The package @squawk/fix-data was found to contain malicious code. Source: ghsa-malware b47010b41e9098203e9d382c36292a5bfa3c32741fbc916a9a9935f9975fc8...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/04 3:2 a.m.12 views

Malicious code in @apple-pay-trust/check-apple-pay (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e70605dbfa408340f5181bb26e47fb08e3ff8925c50aee6cb62132e724ba7a09 The package @apple-pay-trust/check-apple-pay was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/04 1:43 a.m.16 views

Malicious code in tinfoil-shops (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12060d7ba8ada1f0215277ed3936de1f8e9f03d47430fe816b634778291d7024 The package tinfoil-shops was found to contain malicious code. Source: ghsa-malware 5fafb06ed458abc37062e49cbd57b0e5c348dba7d88d1524ca5df198216d7326...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/22 6:26 p.m.7 views

MAL-2026-2078 Malicious code in @emilgroup/task-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4aef8ca2987206595d5c54a2df6265669bdb67ca99915bb763ac38f2d6a46d7 The package @emilgroup/task-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/03/06 2:18 p.m.5 views

MAL-2026-1265 Malicious code in aaaaaxxxxx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74022d63a8f08b2891b69972616980c694bf36c621e434d53bb293d3c556d50e The package aaaaaxxxxx was found to contain malicious code. Source: ghsa-malware 76e892030ae3b51f49aca22d108dff0826190b133c1d18bd448c9308b904f8d4 Any...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/03 3:23 p.m.2 views

MAL-2026-1219 Malicious code in demo-pipelinetest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cdbe67e8fa0e92aa8f588916bbaf7b0c041cd6613636172f671c1a6251df15e The package demo-pipelinetest was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/02 3:56 p.m.3 views

MAL-2026-1128 Malicious code in colorize-console (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f4e60bdcd92f4f5690797fa091f0acb0a463de5c353ded0f6f5e7317a2f84eb The package colorize-console was found to contain malicious code. Source: ghsa-malware a0e5faaa04c5e7d06c634dc2be1f148aa27acb8842f1731dad902bdb3e33d1...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/02 3:48 p.m.6 views

Malicious code in sukuna-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e07b29340747170d24de4cad05110d564fdbd92e9f3fbbd5af57ab84bf85e619 The package sukuna-baileys was found to contain malicious code. Source: ghsa-malware 5708a63cc8ed7f411f26a07bdf5a6653f438a103c0ddee8518c172f4adb73c73...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/02 3:48 p.m.2 views

MAL-2026-1129 Malicious code in danzxz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4833c4fc240e2ee3782998738394ab42ff4d28ba2edcdf9e6aa97e195b12b32e The package danzxz was found to contain malicious code. Source: ghsa-malware 3426bcec6ad873a2aee246f7333e939a481c489dbbdffab631e2f588c421b629 Any...

5.7AI score
Exploits0References1
Rows per page
Query Builder