Lucene search
K

454 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 7:27 p.m.9 views

Malicious code in nottuff25 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 238a4f56f3433bf34de372e9a26264a33e33c6bde8592ddc73594d33ab7427f0 The tarball is not a Node library. package.json declares main: sw.js with description "package" and an empty author; sw.js is a browser ServiceWorker...

6AI score
Exploits0References4
OSV
OSV
added 2026/06/16 7:27 p.m.8 views

MAL-2026-5916 Malicious code in nottuff25 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 238a4f56f3433bf34de372e9a26264a33e33c6bde8592ddc73594d33ab7427f0 The tarball is not a Node library. package.json declares main: sw.js with description "package" and an empty author; sw.js is a browser ServiceWorker...

6AI score
Exploits0References4
The Hacker News
The Hacker News
added 2026/06/15 11:7 a.m.27 views

152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic

Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially unwanted program PUP family. The cluster spans 38 separate Chrome Web Store publisher accounts and three brand backends: tabplugins.com,...

5.5AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/04 11:19 a.m.16 views

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed...

6.1AI score
Exploits0
Snyk
Snyk
added 2026/06/01 9:0 p.m.10 views

Malicious Package

Overview bomboclatwallahi is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview timmytuffknuckles6 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.10 views

Malicious Package

Overview abuden219 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.14 views

Malicious Package

Overview ishowfeet20 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview ishowfeet2 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisi...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview nottuff23 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview abuden4 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.10 views

Malicious Package

Overview nottuff1 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview backup2-asd is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview lowkeybored is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview sixseven3 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.12 views

Malicious Package

Overview sixseven6 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.10 views

Malicious Package

Overview abuden24 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview ishowfeet16 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.16 views

Malicious Package

Overview captainindia is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.13 views

Malicious Package

Overview ratelimitsucks2 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder