2 matches found
Malicious code in @antoncarlos1/nodelamp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d930df8b6392b3bbfe3b591d90226374d31fb246e06018521f3f673a815b618a @antoncarlos1/[email protected] ships a single obfuscated index.js that runs a dropper on require. The top-level IIFE constructs a hardcoded IPv4 URL by...
MAL-2026-4674 Malicious code in superacli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c45fea405a610447f72926e8663afc4151606f39189d380bf929ad09419908b plugins/gopass/daemon.js opens an outbound WebSocket connection to a hardcoded bare IP ws://92.113.145.178:8768 defaulted via process.env.GOPASSUIURL...