Lucene search
K

22267 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in ratelimitsucks2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d35482838ac389f7af960c113776867c9c5a83b1995ad7ece20fd26b71918ce The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in sixseven2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27752f42df81ff26081065ce5bf64d59fa477dfbed72d1afbd359bffd3ab52df The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in sixseven1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96e63dd12f3157bb49fe3951bfb356c83b4b7349eed5947af87b09c40c868382 The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in imillegal2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a225f0551d1cfdc2da755da6241bc992376b5beddd6bc0895ea816391556e985 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago4 views

Malicious code in backupsitetuff3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e8a9cdadf95e8850030fa5609c47ad2873664ce1001973cd8edf34176d4a779 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in ishowfeet4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8772abfff8be97e21dacda47b1a535bea90b6793740846a30308d75c3b2f655b The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago2 views

Malicious code in ishowfeet3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc732922556c087a288d536adf6ef6bf7d643946239cd9563e0a9bc9b6960205 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in ishowfeet1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49cfb64273573166bc38b5ef83b722b3a264c8e19870fc65b35eaaa5504a69bf The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago2 views

Malicious code in sixseven6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fce7a5f40c9f40116627ed8a771d60c34786bc52648e39e0741fe392ed0120b The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago2 views

Malicious code in sixseven5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ff6db681456253158f47c4b36f5d7aa03089ec629cd7d0b0246a9ab6c871efa The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago1 views

Malicious code in sixseven4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dfd6ff82b27df8c8ecd3520e70b720e0ff6e6f4443e21d1230acebdfd032b6d The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in sixseven3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c8f4197e26649b629a6605099f9ca45ff63f04e58e5021a0f1ed410ac56cfd1 The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago2 views

Malicious code in speed5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1eec0d2d56f1e9730af8b7f3a7b8897e86491d48663f7b09ae7c716f6b3c0092 [email protected] is not a functional Node package. package.json declares main: sw.js, but sw.js is a browser ServiceWorker importScripts'./8cfc2/hgshm.js...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in backup2-asd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6fe96add7d70ce5933988f1c78b934187e279d88618bd3f211de3d719177168 The tarball published as [email protected] is a Vite-built browser application branded 'Lucide' rather than a Node library. package.json declares mai...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in backupgenuine-updated (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 163e55285112106141566338db7483490b20567a431458b4b921a71534135ce0 Package published as [email protected] with description "Republished package" actually contains a Vite-built single-page application titled...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in backup5-updated (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fbc0dc5fea4212458853e895b9b9df474401727a4768f47e3016a8c871fd5c7 The package tarball contains multiple heavily obfuscated JavaScript bundles under assets/ AccountPage, DarkVeil, GamesPage, PlusBlockedNote,...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in backup3-ff (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a32646e3ad3e35186f8344c19ccdecfd69c26e8047fc44b77c0516b644fd094 The npm package [email protected] ships multiple heavily obfuscated JavaScript bundles under assets/ AccountPage, DarkVeil, GamesPage, PlusBlockedNote...

6.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago4 views

Malicious code in backup4-gasp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e42991a6cdb40d2c1dec58317f280d0a6e38ad2dfa14b1a0dfe2ac40c5dc18a The package ships multiple heavily obfuscated JavaScript bundles under assets/ AccountPage, DarkVeil, GamesPage, PlusBlockedNote, SettingsPage that u...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 13 hours ago10 views

Malicious code in pure-folder-three (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e83bf74d7c84c48a1a478d7bb40bbd899c4fda613f1512b66184d3de478b480 [email protected] executes attacker-controlled shell commands on install and on import. The postinstall entry src/build.js decodes an obfuscate...

6.3AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 13 hours ago5 views

Malicious code in dotnet-runtime-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c10c75766303f8c3bf261487e341e537f103116026309006ab71d977aacdd235 The package's postinstall lifecycle script package.json line 7: "postinstall": "node install.js" runs install.js, which on Windows writes a PowerShel...

6.2AI score
Exploits0References3
Rows per page
Query Builder