Lucene search
K

22 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 6:48 a.m.11 views

Malicious code in build-tracker-n5p1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e731775fde27ad6db493d20397b27eee9b4a6ea0bf515f9516cc974ea3e12619 Package name suggests build telemetry tooling, but the tarball ships beacon scripts beacon18.js, beaconlinux.js wired to a postinstall lifecycle hook...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/19 6:48 a.m.11 views

MAL-2026-6196 Malicious code in build-tracker-n5p1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e731775fde27ad6db493d20397b27eee9b4a6ea0bf515f9516cc974ea3e12619 Package name suggests build telemetry tooling, but the tarball ships beacon scripts beacon18.js, beaconlinux.js wired to a postinstall lifecycle hook...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:42 a.m.10 views

Malicious code in pkg-telemetry-r4f9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector decf727db779a7cc4017b0bd8000f9fb40bcc5c6d93b016144a94e245886ea4e On install, package.json's postinstall hook runs node run.js, which loads beacon scripts that combine childprocess, os, and http modules to collect...

5.5AI score
Exploits0References2
OSV
OSV
added 2026/06/17 4:42 a.m.10 views

MAL-2026-5990 Malicious code in pkg-telemetry-r4f9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector decf727db779a7cc4017b0bd8000f9fb40bcc5c6d93b016144a94e245886ea4e On install, package.json's postinstall hook runs node run.js, which loads beacon scripts that combine childprocess, os, and http modules to collect...

5.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:41 a.m.8 views

Malicious code in runtime-metrics-w7k2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c2062a3f2564ced7261d9b8be8a49e11117bd74ffe3e92aad6029c471921e2d Package declares a postinstall hook "postinstall": "node run.js" that fires automatically on npm install. The tarball ships beacon scripts beacon18.j...

5.4AI score
Exploits0References2
OSV
OSV
added 2026/06/17 4:41 a.m.6 views

MAL-2026-5992 Malicious code in runtime-metrics-w7k2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c2062a3f2564ced7261d9b8be8a49e11117bd74ffe3e92aad6029c471921e2d Package declares a postinstall hook "postinstall": "node run.js" that fires automatically on npm install. The tarball ships beacon scripts beacon18.j...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:41 a.m.6 views

Malicious code in npm-sandbox-ping-r9t2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 335649d395a44d7de1bc6343dbce1f0459414ef92ab149413a86b47e28f3c7c3 package.json declares a postinstall hook "postinstall": "node run.js" that auto-executes on install. The package ships beacon scripts beacon14.js,...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/06/17 4:41 a.m.7 views

MAL-2026-5986 Malicious code in npm-sandbox-ping-r9t2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 335649d395a44d7de1bc6343dbce1f0459414ef92ab149413a86b47e28f3c7c3 package.json declares a postinstall hook "postinstall": "node run.js" that auto-executes on install. The package ships beacon scripts beacon14.js,...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 1:34 a.m.10 views

Malicious code in metrics-pipeline-d8k2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01ad2ee3d3807102a3f02c01af0d3fec46d91e9764eb77a8bcedf9c6be7fc3b0 Package declares "postinstall": "node run.js" in package.json, causing automatic execution of bundled beacon scripts on npm install. beacon29.js load...

5.8AI score
Exploits0References22
OSV
OSV
added 2026/06/16 1:34 a.m.3 views

MAL-2026-5858 Malicious code in metrics-pipeline-d8k2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01ad2ee3d3807102a3f02c01af0d3fec46d91e9764eb77a8bcedf9c6be7fc3b0 Package declares "postinstall": "node run.js" in package.json, causing automatic execution of bundled beacon scripts on npm install. beacon29.js load...

5.8AI score
Exploits0References22
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.13 views

Malicious code in npm-sandbox-research-e9f0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a18a9932f78294e22aa0a85077b9318233ab0952bc8788ae8987fce3e5002c93 Package declares a postinstall hook "postinstall": "node run.js" that executes automatically on npm install. The tarball ships beacon scripts...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/06/14 7:30 a.m.17 views

MAL-2026-5762 Malicious code in npm-sandbox-research-e9f0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a18a9932f78294e22aa0a85077b9318233ab0952bc8788ae8987fce3e5002c93 Package declares a postinstall hook "postinstall": "node run.js" that executes automatically on npm install. The tarball ships beacon scripts...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.14 views

Malicious code in npm-sandbox-ping-c8f2a (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5401a81d56283c310efebfe29af19c3e3fa331667f40adeed71a54627adc877 Package declares a postinstall hook "postinstall": "node run.js" in package.json that executes on every install. Bundled scripts beacon6.js and...

5.5AI score
Exploits0References2
OSV
OSV
added 2026/06/14 7:30 a.m.14 views

MAL-2026-5757 Malicious code in npm-sandbox-ping-c8f2a (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5401a81d56283c310efebfe29af19c3e3fa331667f40adeed71a54627adc877 Package declares a postinstall hook "postinstall": "node run.js" in package.json that executes on every install. Bundled scripts beacon6.js and...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.16 views

Malicious code in npm-sandbox-research-8b2f (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 916280d3906e0f04caa7f46135039e4a42b03a5c96091c1555ad2ab0e86b923b On install, package.json runs postinstall: node run.js, which loads beacon scripts beacon8.js, beaconlinux.js that import childprocess, os, and http,...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.11 views

Malicious code in npm-sandbox-research-c5d6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7dd3f64f94b15f73c62c5733a5910802ff22adc514e0eb08e153817fcd4158b The package declares a postinstall hook "postinstall": "node run.js" that executes automatically on npm install. The shipped beacon scripts...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/06/14 7:30 a.m.13 views

MAL-2026-5758 Malicious code in npm-sandbox-research-8b2f (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 916280d3906e0f04caa7f46135039e4a42b03a5c96091c1555ad2ab0e86b923b On install, package.json runs postinstall: node run.js, which loads beacon scripts beacon8.js, beaconlinux.js that import childprocess, os, and http,...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.15 views

Malicious code in npm-sandbox-research-d7e8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ff31cbf7e2e36cef422933472638912cd6ee6652ece9b03d11faa98b70d13e9 Package declares a postinstall lifecycle hook "postinstall": "node run.js" that auto-executes on install. The package ships beacon scripts beacon12.j...

5.4AI score
Exploits0References2
OSV
OSV
added 2026/06/14 7:30 a.m.12 views

MAL-2026-5761 Malicious code in npm-sandbox-research-d7e8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ff31cbf7e2e36cef422933472638912cd6ee6652ece9b03d11faa98b70d13e9 Package declares a postinstall lifecycle hook "postinstall": "node run.js" that auto-executes on install. The package ships beacon scripts beacon12.j...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.16 views

Malicious code in npm-sandbox-research-9c4e (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24c86d7d2179375f642423fc8c38f58f5740b543bacab149ba8d4cbdcd7dc4cf On install, package.json runs node run.js via a postinstall lifecycle hook. The package ships beacon scripts beacon9.js, beaconlinux.js that import...

5.9AI score
Exploits0References2
Rows per page
Query Builder