Lucene search
K

30 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago11 views

Malicious code in rio-design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed72d8256a1831ef61f01d101c9b9de21db822516cb3b61d1fffd1ef7b3bb0c7 [email protected] is a dependency-confusion attack package. package.json declares preinstall: node index.js, so npm install auto-executes...

5.9AI score
Exploits0References3
OSV
OSV
added 6 days ago6 views

MAL-2026-6956 Malicious code in rio-design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed72d8256a1831ef61f01d101c9b9de21db822516cb3b61d1fffd1ef7b3bb0c7 [email protected] is a dependency-confusion attack package. package.json declares preinstall: node index.js, so npm install auto-executes...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 2:1 p.m.8 views

Malicious code in @openwebconcept/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e6761494cb35b1f5bc9024f23f67a6e896a857233d68bb56e75c683a1893391 The package @openwebconcept/design-tokens was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/22 2:1 p.m.11 views

MAL-2026-2993 Malicious code in @openwebconcept/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e6761494cb35b1f5bc9024f23f67a6e896a857233d68bb56e75c683a1893391 The package @openwebconcept/design-tokens was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Snyk
Snyk
added 2026/04/21 10:0 p.m.3 views

Embedded Malicious Code

Overview @openwebconcept/design-tokens is a Shared design tokens for NL Design System Affected versions of this package are vulnerable to Embedded Malicious Code that injects a credential-harvesting script that runs via postinstall on every npm install. It demonstrates TeamPCP-style CanisterWorm...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 12:29 p.m.6 views

Malicious code in @nxt-costco-com/forge-design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86e4556dfaa2a30079bf31edd7c9a378deacc22b763f547a4b825d57945debef The package @nxt-costco-com/forge-design-tokens was found to contain malicious code...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/18 12:29 p.m.9 views

MAL-2026-1632 Malicious code in @nxt-costco-com/forge-design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86e4556dfaa2a30079bf31edd7c9a378deacc22b763f547a4b825d57945debef The package @nxt-costco-com/forge-design-tokens was found to contain malicious code...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/01/28 4:33 p.m.4 views

Malicious Package

Overview @alaska-its/design-tokens is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 2025/11/20 6:7 p.m.1 views

EUVD-2025-198331

Malicious code in @ra-ftds/ra-flourish-design-tokens npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/20 6:7 p.m.5 views

MAL-2025-190588 Malicious code in @ra-ftds/ra-flourish-design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f72b65d4ce1abb0b35aca62b21968c19b6e8e99ec60962be31a4179ba5f22bec The package @ra-ftds/ra-flourish-design-tokens was found to contain malicious code. Source: ossf-package-analysis...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in @healthbyro/design-tokens (npm)

The package @healthbyro/design-tokens was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in @sellerly-kit/design-tokens (npm)

The package @sellerly-kit/design-tokens was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-9299 Malicious code in @sellerly-kit/design-tokens (npm)

The package @sellerly-kit/design-tokens was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-7987 Malicious code in @healthbyro/design-tokens (npm)

The package @healthbyro/design-tokens was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/07 4:41 p.m.2 views

Malicious code in @laredoute/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e56fdae15fb0b525a4212e71ff9dd4ec7cd0e3f4076552ec379c49c8f4a4e899 The OpenSSF Package Analysis project identified '@laredoute/design-tokens' @ 0.1.55 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/18 4:45 p.m.2 views

Malicious code in compound-design-tokens (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e796e34437556a1ebb4437a1047206b9f42ef8ee3426f6aacad4ac14b318c41c Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/06/18 4:45 p.m.2 views

MAL-2025-5224 Malicious code in compound-design-tokens (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e796e34437556a1ebb4437a1047206b9f42ef8ee3426f6aacad4ac14b318c41c Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
OSV
OSV
added 2025/04/23 3:39 p.m.3 views

MAL-2025-3322 Malicious code in @sporta-technology/d11-web-components.design-tokens (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/07 4:6 p.m.3 views

Malicious code in @hyattcorp/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 58f37a41edefebdd744efb01380e035aad567082e7fa96361effc44e4e9f1b49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSV
OSV
added 2025/04/07 4:6 p.m.3 views

MAL-2025-3169 Malicious code in @hyattcorp/design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 58f37a41edefebdd744efb01380e035aad567082e7fa96361effc44e4e9f1b49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References3
Rows per page
Query Builder