Lucene search
+L

44 matches found

OSV
OSV
added 2026/06/24 11:4 p.m.10 views

MAL-2026-6424 Malicious code in leo-connector-mongo (npm)

The leo-connector-mongo npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.10 views

MAL-2026-6430 Malicious code in leo-sdk (npm)

The leo-sdk npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.19 views

Malicious code in autotel-aws (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e356eee42d8cb9a80967237c11de3358548389fe2e413f1bbc3fae630c7d28f8 No concrete installer-harm signals were identified in this package version. No lifecycle hooks fetching external code, no credential-path reads, no...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.14 views

MAL-2026-5258 Malicious code in executable-stories-vitest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9900528338f5a1325fa66f8ebc1b72d1a24d63d708b42bbd5c54146ad7a6cbd No concrete installer-harm indicators were identified in this package version. No lifecycle-script behavior, network beacon, credential read, or...

6.2AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.20 views

Malicious code in executable-stories-vitest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9900528338f5a1325fa66f8ebc1b72d1a24d63d708b42bbd5c54146ad7a6cbd No concrete installer-harm indicators were identified in this package version. No lifecycle-script behavior, network beacon, credential read, or...

6.1AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.17 views

Malicious code in autotel-drizzle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed16d2715633927ef05b9b370a8d37f95581137f46144053bcb53f94430f2f33 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5262 Malicious code in node-env-resolver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 760048287047e989e9525d9cbf2647fd2fb0807a274bfbd0b6ae77ed75cbce0f The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.13 views

MAL-2026-5201 Malicious code in @ethlete/dsp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70c5d7385124d81ab784d06593b0df8f05d245c165ea1ebfee9cb6b49b817ab0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.13 views

MAL-2026-5240 Malicious code in create-cf-token (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56d9884f6d63e063d1320b8d8efbfb8852f00bd3c18c87b03b445f6978897570 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.14 views

MAL-2026-5196 Malicious code in @ethlete/cdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 388964a1e683fdb11adf39ffe9b97f4114b9bcd9547f941d27adb4fccff22add The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.12 views

MAL-2026-5227 Malicious code in autotel-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ac3753f5000aa2bef53314f8715b374c6996fd76c7646430af91f2549974118 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.10 views

MAL-2026-5253 Malicious code in executable-stories-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf8558677662bfcde2a5014a6ab8947b18228abb9415a5e41a964bcf5f5dd985 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in autotel-adapters (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e39e600baede93e3a5b493d603c5fe392c561544c95611960149ac4e7b99f98 No concrete installer-harm evidence was identified for [email protected]. No lifecycle-script droppers, hardcoded exfiltration endpoints,...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in github-archiver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4d8f3a21af0a31a899de9e8eabd09e30c6e05e620ab3a7d7af420c34214898b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.17 views

Malicious code in wrangler-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d2085fa4916157b99799df085aa11e3d29bdb9a47f5798c85375b1bfdf8bd7e Package name wrangler-deploy is close to Cloudflare's official wrangler CLI, which raises confusion-risk concerns for developers who may install it...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.17 views

Malicious code in @ethlete/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 580c72aa7afc42653ec3679eeaa96ac10d9c389434355415542ac48a36c39b45 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.25 views

Malicious code in autotel-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2bbb2ac2e6e954090b85e740a9a10a8267429800107690dfbde310c0b3d9fc7 Pattern-based matches fired on the strings 'ping' and 'POST' co-occurring in the package's bundled output dist/index.cjs, dist/index.js,...

6.1AI score
Exploits0References31
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.19 views

Malicious code in @contaazul/n8n-nodes-contaazul (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fba5858825a845f02388990e34281d89dac395b6414e89c12c556d3fe0d7c45 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.16 views

Malicious code in create-cf-token (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56d9884f6d63e063d1320b8d8efbfb8852f00bd3c18c87b03b445f6978897570 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.14 views

Malicious code in awaitly-mongo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f476f15bad689e2500c24cf2f416567759e5182689cc2cc301912ddfde02b1c4 No concrete installer-harm signals were identified in this package version. The package name suggests a MongoDB-related async helper, but no specific...

6.1AI score
Exploits0References27
Rows per page
Query Builder