3 matches found
Malicious Package
Overview contract-metadata is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...
MAL-2022-2172 Malicious code in contract-metadata (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 531d1b915e5de8defd42622891db5be29a54fa2830480c3e30fd19a8d1a75cbb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in contract-metadata (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 531d1b915e5de8defd42622891db5be29a54fa2830480c3e30fd19a8d1a75cbb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...