Lucene search
K

5 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/01 7:4 a.m.16 views

Malicious code in @emcd-vue/auth (npm)

Part of a coordinated multi-package supply-chain attack impersonating EMCD emcd.io, a legitimate Russian cryptocurrency exchange and mining pool. The attacker registered the @emcd-vue npm scope to pose as an internal Vue.js front-end tooling package from "EMCD Platform Engineering." The package...

6AI score
Exploits0References2
OSV
OSV
added 2026/03/20 4:32 a.m.3 views

MAL-2026-1937 Malicious code in @dotprompt/promptly-darwin-arm64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 120d702f1e340ffdca19411824d16c6b6f381c53e0cb3e123982aaba2d013458 The package @dotprompt/promptly-darwin-arm64 was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/27 5:25 a.m.3 views

Malicious code in athira-darwin-arm64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f5187d16196b84804557d150debc4215dc39e15856b77fb994551bf7457299c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/27 5:25 a.m.5 views

Malicious code in skinnyvans-darwin-arm64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7c46b0e2fd5826ee3bdd4b6d38a695126f358eaa2be3ea79a33dea0667db347 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/05/27 5:25 a.m.3 views

MAL-2025-4503 Malicious code in skinnyvans-darwin-arm64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7c46b0e2fd5826ee3bdd4b6d38a695126f358eaa2be3ea79a33dea0667db347 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder