Lucene search
+L

1968 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added yesterday10 views

Malicious code in loader1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9578c2db9f9fd58bb7b743e3ca8581aa21f4632bb965dcb53b7a4aaa02e5667 The package ships a single index.html declared as main whose only behavior is to fetch...

6.1AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago7 views

Malicious code in sync-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37fba87304c3a7ede2f03b87c89b49a3fb9b7f201befbaf79312da2cce65abc4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago8 views

Malicious code in relative-time-live (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ffd93ad946d5607c42e226106c1f1b33370e92e92cf0a407928b7349523fec4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 4 days ago3 views

MAL-2026-10468 Malicious code in nodemon-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf8b1d5b3dd215c6c8d726b73ad11fbb29e7285da9a7e88854552931f750d437 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago5 views

Malicious code in nodemon-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf8b1d5b3dd215c6c8d726b73ad11fbb29e7285da9a7e88854552931f750d437 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago7 views

Malicious code in abuden26 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 440fa1b32d35cf2c41253e2fd1f63095ea65ac7733fa48edc9abef43877659c7 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago7 views

Malicious code in bismillahitidakimas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbdeeb9f66b286397502ebf5d67dacf17f4cc4f58917fa9d201d799bb99c3e2c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago5 views

Malicious code in sixseven4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dfd6ff82b27df8c8ecd3520e70b720e0ff6e6f4443e21d1230acebdfd032b6d The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...

6.2AI score
Exploits0References4
OSV
OSV
added 4 days ago2 views

MAL-2026-10387 Malicious code in thebigyahu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eb60a0e719514988070d96c3cedea8d918edccef68203afe3cda86635c607de The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 4 days ago2 views

MAL-2026-10298 Malicious code in changiairportpromax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13ab194f6c4e1d4197856c229f74ebf46e7eb90ff703ff4dc3172379aea96923 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago7 views

Malicious code in omgyesyesyes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1eeb53892156b3a1354703f4f8beb2591548726886a017ccc7129407eb128ed9 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago7 views

Malicious code in midnightrush (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94313bf7eca9c82a6e6e6d8f3a7230fcdf936da5ff66069639e1957b4a8d2fe3 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/09 10:20 p.m.12 views

Malicious code in @kl-starfish/test-01 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b554249a85dcce61ed69ed5552bd6486b14a3ab2d72b7b243638a8ea24a8339 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/08 8:26 a.m.15 views

Malicious code in nam-os-a-man (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a483a2ae78f1f6f7d3d4da1ab74cc189f29564e002299f09c19e0d3eb41e40aa The package declares a postinstall hook that runs index.js on npm install. index.js collects the installer's OS username os.userInfo.username, hostna...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:53 p.m.7 views

Malicious code in log-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f55c4d43e953e16c7d0325948c789e0fdf1acefaca4b47ceabf199a5288e6f82 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:53 p.m.9 views

Malicious code in metrica-chain (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acc9d835dca527dc5e6db2124ca93898cd3f4f8bf0b6589a60c0eceed23314d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:51 p.m.8 views

Malicious code in chalk-prettier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a36409ecc80ae4c159621da4530caf78fa06d5003dd2a55e18da3ae92b434cfa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:50 p.m.12 views

Malicious code in big256-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 18f547bc04e09d0a4a99ac1e49992abd3dc35c02ad1bd963e8d0d07fd0e11464 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/03 3:44 p.m.9 views

Malicious code in @lodash-en/lodash-en (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ccf4c6fcb3eb02a4b990660b8a47961f0cd393915787990149de40ee1b201a0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 2:55 p.m.11 views

Malicious code in tailwind-animates (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4da1c506d3ce6cb8bac934a9b51e967b8c2965de414adb1193ba38a64934a78c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
Rows per page
Query Builder