10 matches found
MAL-2026-5349 Malicious code in @demica/core (npm)
Dep-confusion squat of internal @demica/core at sentinel high version 99.99.100 + auto-exec postinstall canary.js beaconing to RAW IP 157.230.17.236:80/dc. Sentinel-high-version + auto-exec beacon = MALICIOUS per operator policy c913; "authorized benign canary" framing does NOT downgrade, raw-IP...
MAL-2026-2126 Malicious code in agoda-dep-confusion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faa0bc71a76133f8ba2469aab72a42ed605c22eaf6a3816754f5dff2cb21fa87 The package agoda-dep-confusion was found to contain malicious code. Source: ghsa-malware...
Malicious code in agoda-dep-confusion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faa0bc71a76133f8ba2469aab72a42ed605c22eaf6a3816754f5dff2cb21fa87 The package agoda-dep-confusion was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview agoda-dep-confusion is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in dep-confusion-poc-monke (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd5eadc84c6eaa4f7eb92319cac88bbe0057e1eb86646846287104d5d7d8f9c0 Any computer that has this package installed or running should be considered...
Malicious code in dep-confusion-tester (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a02b1736028edc558aec7dae01fc23a8b183b0eb84ec65f6d97cad92f85d2083 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11964 Malicious code in dep-confusion-tester (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a02b1736028edc558aec7dae01fc23a8b183b0eb84ec65f6d97cad92f85d2083 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dep_confusion_test123 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95f5bc391a39cd114fa8cbec14792e02dbc7fdc132c33d675e5fe104568d81d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bananabr-dep-confusion (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ec06c86d512781fc859918aefcfea7b20724e0b9334bc986a9547be543ae678 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1456 Malicious code in bananabr-dep-confusion (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ec06c86d512781fc859918aefcfea7b20724e0b9334bc986a9547be543ae678 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...