6 matches found
MAL-2026-3334 Malicious code in fanduel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2d9b4e8ab1ef054d5774929963bc61b004f7914e48179850c51f77e67410a41 The package fanduel was found to contain malicious code. Source: ossf-package-analysis 49d980743cd761f6fb629d32e14864e720d1269e4208ec9e0f075c5e9f6eb4...
Malicious code in isg-iwp-web-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd99ea1f73a0a8a60395dd908d6a970f8ab7861bec1eb627b70023c9716185ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in example-multipass (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b8ecd17d835fed194bf6392aca9f2fe17844a455e585ae06161bb8a41ad9748d The OpenSSF Package Analysis project identified 'example-multipass' @ 10.0.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in api-react124 (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in example-app-node (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in controlnot-aux (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a99770ef01fb53c863387ed64967ab6ed42be0cf7c901573dcd472db6ae51091 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...