Lucene search
+L

2696 matches found

OSV
OSV
added 3 days ago7 views

MAL-2026-10694 Malicious code in vor8zakon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99924288481504c324c3f573ba7ba99ac4e1c7a7f22a940c94d81059b868fdfd Package advertises itself as 'A simple cryptographic library for JavaScript applications' but ships no crypto code and exports nothing. package.json...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago12 views

Malicious code in crypto-hasher (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5162012006c5d2576c6f93540445f10185d44acfb5cef39764f7a2b45c45d205 [email protected] impersonates the hash-wasm library. Its main entrypoint dist/index.umd.js injects code into the WASM Interface update method so...

6.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago12 views

Malicious code in micro-ui-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be44655a47177f3740201ddb9dc66db080b9f665354c78bcebeb9a2da3b11b7f On npm install, the package's postinstall script postinstall.js reads os.hostname and sends it as a query parameter in a plain-HTTP GET to a hardcode...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago10 views

Malicious code in sight-bind (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 398788014436c7e95df3045f9b32398c3de46b8c9275c0437e44bda1dcb6cc00 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago9 views

Malicious code in abuden214 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4bdbebaa72ae71aae5482f3726a6be11649402b33365104e2fbf39f1db624137 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago9 views

Malicious code in abuden230 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2234aab0cda39685bbdd725de23c50e6e6b78ca85d8ae3c48dc0577287406f65 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago7 views

Malicious code in abuden28 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a58dd1a008e23641f5373b4593347947fb72a1a199e2354ffe75c79af4066d98 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago8 views

Malicious code in abuden226 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8a4986d9e75be69083a7905e5ef5e4558e17fe8b9f15777a9cd692c882b9d6b The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago6 views

Malicious code in abuden220 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5db7640be1dad05b49efcd772335edd1d23af2473f60abc8104719377761f272 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago7 views

Malicious code in nottuff29 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074e027c282713fdcd142d97a0a6b07a661db091f58be50fd7fb9dfa724b968f The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago6 views

Malicious code in nottuff13 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79fcdb937c07c7ec8c87b884a8410166890165c5e9554397ed5ebcb1a5e58cf7 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago7 views

Malicious code in nottuff24 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98d91c65c2ae847d5e741575bbc60ac69c0d2aca4973888c6ce2fc85daac3e30 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago7 views

Malicious code in nottuff12 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beeb7a0cb302b59468d0c8e75f4eac559afebefdf4526e4ed0832ab6ffc738ad The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago8 views

Malicious code in abuden25 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f03c9f736be5719a51f9b5cf2a256ab6d2a295f1fb79b7a937932f658d2e268 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago8 views

Malicious code in ishowfeet14 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d5ea096e484eab34ce84d950ffdad898264b0bc86deff68a6a48ec857a126fb The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago7 views

Malicious code in ratelimitsucks3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a45b50938677bb4c4bcdeee48af3fd57a8204d48d6aff16a1351ae814491391 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago7 views

Malicious code in speed3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b80af0db1256f63f83fad514fe6b535d6af57513431058efc38136dddd18022 [email protected] is not a functional Node package. package.json declares main: sw.js, but sw.js is a browser ServiceWorker importScripts'./8cfc2/hgshm.js...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago8 views

Malicious code in ishowfeet4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8772abfff8be97e21dacda47b1a535bea90b6793740846a30308d75c3b2f655b The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago7 views

Malicious code in speed2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47ee5a1e5570a63d86ae75e5eaa2bf0553516a6796d51c0f7479796470f34708 [email protected] is not a functional Node package. package.json declares main: sw.js, but sw.js is a browser ServiceWorker importScripts'./8cfc2/hgshm.js...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago8 views

Malicious code in miguelphonk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75c26ae2a9608c5a861f096563a0ef1171cb898403537612739792024abcc2ff The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
Rows per page
Query Builder