3 matches found
uniapi version 1.0.7 contained an information harvesting script.
uniapi version 1.0.7 introduces code that would executeon import of the module and download a script from a remote URL,and would then execute the downloaded script in a thread.The downloaded script would harvest system informationand POST the information to another remote URL.This code was found ...
Malicious code in openssl-node (npm)
This package executes a post-install script to collect system data and sends it to a remote server. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06f19e257e800106253b9b27f14e1caac48d65284d85d47aa244d8aa9bfc97a8 Any computer that has this package installed or runni...
Malicious Package
Overview videojs-sneakpeek is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between tha...