Lucene search
K

14 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago9 views

Malicious code in express-mocha-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01d87351be0d9f68d73ec05867e55fe5712d4885fa76c70c5ec9b003ef512825 [email protected] declares a postinstall lifecycle hook that loads the package's main module, which calls fetch against an anonymous...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/06 6:20 a.m.10 views

Malicious code in carbonite-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fec002c13bf1ef1b49658e5dc490ca30515cf414294154827adadab04cbc234 The package carbonite-internal was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSV
OSV
added 2026/04/22 8:48 a.m.12 views

MAL-2026-2981 Malicious code in @bmg-web/bmg-button (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b59b2c3d1c98e7a5f4faae9549ed4f302c9273e1efeaee63e70f3013300327c2 The package @bmg-web/bmg-button was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score
Exploits0
OSV
OSV
added 2025/08/23 7:21 p.m.3 views

MAL-2025-41375 Malicious code in cld-ai-chatbot-web (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47807a9125d00d52f4b02cf9742fdd7efd42b3b9cc93d5091594127fa5c9771c Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/08/18 3:20 a.m.4 views

MAL-2025-6897 Malicious code in swiv (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 945d4a5f54e77ae66588b5b64aa30eb2627903bffcb72a3031b9c4b6b2122b43 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
OSV
OSV
added 2025/08/17 2:33 a.m.1 views

MAL-2025-6957 Malicious code in somemalicious (npm)

The package communicates with a domain associated with malicious activity...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/30 4:55 p.m.2 views

Malicious code in talk-desktop (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/24 5:31 a.m.3 views

Malicious code in lyft-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bad08278af65d859072402dbc935300d4c8d6036f2f214644533c0af1b8f7b8e The OpenSSF Package Analysis project identified 'lyft-sync' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/24 4:58 a.m.1 views

Malicious code in godaddy-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fbc982202586a71e3e0e5ad119c42a6517f839d2b74320b097508397b127243a The OpenSSF Package Analysis project identified 'godaddy-sdk' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/24 4:25 a.m.5 views

Malicious code in bookingcom-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f3efaad9e12b23a4ec5230344045108f961982d137157a29edb1283679f35031 The OpenSSF Package Analysis project identified 'bookingcom-tools' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/08/10 11:5 p.m.6 views

Malicious code in artifact-lab-3-package-b55680cd (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be4896eebe0a6b7185d165cec1e593faea8a14a8b2386711ef9c08657273bb31 Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...

7.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/26 4:53 p.m.6 views

Malicious code in rtpoc1 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6fec3cb3c9354af29d7edbc82703c0fe7406084014bd610bd383ee2795d324ca Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/08/22 3:27 a.m.2 views

Malicious code in mapsapi-area (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3a12b68cea467324465b98ad4c7ffcddb67cac55eec195215bce156b916abbda The OpenSSF Package Analysis project identified 'mapsapi-area' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/07/09 7:3 p.m.3 views

Malicious code in @shennong/web-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a2fd786e967b26aa2bbe8f8367eda2745ce70026f11bcc9b832e3bcb93433b58 The OpenSSF Package Analysis project identified '@shennong/web-logger' @ 25.0.1 npm as malicious. It is considered malicious because: - The...

6.9AI score
Exploits0
Rows per page
Query Builder