2 matches found
Malicious code in postcss-processor-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0253c4f750443ba47f0ab61347fa85a1659b847190a85757575e904966636da On require, src/index.js loads src/token-loader.js, which reads data/design-tokens.json, XOR-decodes the base64 blobs under encrypted.chunks using a...
Malicious code in veilcord-tls (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron aed8328880d0c346cc1c0c9d51602617be4ea88a7a23878b68164484949555b2 This package decodes a payload and executes it whenever it is imported. It seems to be targeting veilcord package users. Its contents are almost...