8 matches found
Malicious code in clean-order (npm)
The package 'clean-order' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in cdn-fe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d46d020b8f0a6ff1bcbb09ee63d0083f060a65c38e6f1d6518e860750e837544 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @diotoborg/dignissimos-aliquam (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff37bd560e9e75ee2abdc2c1e0324562424f9e731754bb712880d013cc93ce3a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wlwz-2312-5605 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f7c81bbc64564ec1735790e781e6cc3a4eb7572b8934c61f6516ebe3355fe99 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in eagleshotelcaliforniamultitrackflac_top__k3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a87cdadc6c6aeb8ba78b9a321b5251a946cc6483fcfb3e93847b59d81cb33fef Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in datfeorma3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ec20fa2fcec1cafd71b0cd318af2126ff2b8751228f243b599011e66ac784c1d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in acookie (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c39328ed01806ba9869d6404c3f8067539c3b1dca5f918612953cb1c3ba7ea38 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in open-xchange-guidedtours (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 165515a2af3aac90d5fa6c4905c170d5168d9f384307183325801f4e0fb532d8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...