15 matches found
MAL-2026-1064 Malicious code in cicd-ppe-redteam-test02 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 14adb6733ca8f958770b9766a7f255fbd8562886dce3b42cee772eac50e52d0f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in elf-stats-sleighing-mailbag-109 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 806052778d7970e94c40824de58ddfca3790e62ea9587441287268b8aff307d7 The package elf-stats-sleighing-mailbag-109 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-49453 Malicious code in karemv1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9be53d7d069f1115ab0b8be4e3243af9ffb512d8a6dc0e31b5395852b1cbc3cd The package karemv1 was found to contain malicious code. Source: ghsa-malware 3f4cd13aca826d2f26c0f7927f298a62ee3f5a66fcc8567eff78027b93a02144 Any...
Malicious code in npmrunnode-fetch-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 74027deb8f96cb586a9b82484dbb7818ccfbbfdd2147a05fdae660aad4211e53 The OpenSSF Package Analysis project identified 'npmrunnode-fetch-test' @ 1337.1.0 npm as malicious. It is considered malicious because: - The...
Malicious code in nileninjapkg3 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-48377 Malicious code in nileninjapocpkg1 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
Malicious code in tml-footer (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 00452b25be1612714f1d3a1de19a9429e6d4f1d0c2450103ce3791c2d27ff72a The OpenSSF Package Analysis project identified 'tml-footer' @ 99.9.9...
MAL-2025-6933 Malicious code in guppy-dev (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b56a4d108a100f12dd3aedb0e1f0f3b8007ecc181e366198a22242473696f219 The OpenSSF Package Analysis project identified 'guppy-dev' @ 2.0.0 n...
Malicious code in third-party-library (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0f1110748d4cb8dc4eb9d93bf92e8da0c61f4f1de420b3d738ed106689c7a1d9 The OpenSSF Package Analysis project identified 'third-party-library'...
Malicious code in umd-package (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0ad3e74b099ff3ff3f76fcc33fcdb923f0321976d44219e9df1eb0d6113eb961 Any computer that has this package installed or running should be considered...
Malicious code in nlohmann-json (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5aa85efabb2331d4495a31e8b8101fb7a0cdd11d7c9a4724b6fbb2a3c60b9296 Any computer that has this package installed or running should be considered...
Malicious code in talk-desktop (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
Malicious code in meli-db (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 10e8951862693cd7f0abc511b5294f748fc5ebafd51d1e36a87114d2583d1221 The OpenSSF Package Analysis project identified 'meli-db' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...
Malicious code in iberia-parser (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eca93207608d214136145d5d86c9fda0d83c29002132a2b488fd475aa6c10c8f The OpenSSF Package Analysis project identified 'iberia-parser' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...
Malicious code in easy-transify (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis da33e7bf1f97126745cda88021b8ac2884cd095a84a70caaf6938bb505f3f5df The OpenSSF Package Analysis project identified 'easy-transify' @ 7.2.3 npm as malicious. It is considered malicious because: - The package...