34 matches found
Malicious Package
Overview @navancorp/ta-travel is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Embedded Malicious Code
Overview cdn-icon-fetcher-help is a Malicious package. Affected versions of this package are vulnerable to Embedded Malicious Code. Once this package is installed and executed, it downloads a Javascript file from a cdn-static-seven.vercel.app URL, which appears to be an image hosting site. Howeve...
Malicious Package
Overview youreallydontwantthispackage2131 is a malicious package. This library contains malicious code and was removed from the package manager PyPi Remediation Avoid using all malicious instances of the youreallydontwantthispackage2131 package...
Malicious Package
Overview braintree.github.io is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between...
Malicious Package
Overview discordjs-lofy is a malicious package. This package injecting malicious Javascript code into the Discord client. Remediation Avoid using all malicious instances of the discordjs-lofy package...
Malicious Package
Overview 1-as-identityfunction is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview active-modelserializers-cancan is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid...
Malicious Package
Overview active-modelserializerplus is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview alertyplugin-datadog-event is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview multi-movingsign is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview accepts-nestedserializedattributes is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoi...
Malicious Package
Overview fluentplugin-statsite is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview activeadmin-searchable-select is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid usi...
Malicious Package
Overview association-validator is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...