17 matches found
Malicious code in java-common (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 555d7c368b052227256d6f6b35ce4b6d84da939df3127667ff6e73515dbee1bd Any computer that has this package installed or running should be considered...
Malicious code in optional-native-module-xyz (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91d8c0e42c231414befecab31d6e25c851443c94c0f8eaf179aa62012264967e Any computer that has this package installed or running should be considered...
MAL-2025-47121 Malicious code in hrprce (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-41361 Malicious code in ad-react-wrapper (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dec7199df8eaf35c70facf6df3af78b3aa9b7d06d5cc4f2ba7ee9f528165d21a Any computer that has this package installed or running should be considered...
Malicious code in @navify-platform/http (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-6860 Malicious code in tiktok-internal (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6816 Malicious code in teste-depenconfu (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 56a7fcb8d17544bc05d4a5222d7741781d9b33d6ad5d334d6c74b8851d20a257 The OpenSSF Package Analysis project identified 'teste-depenconfu' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6811 Malicious code in checkout-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3f3f3a1d0b011d00d475a42f290ecb00025114dbb878def81003f3cbd0ea26e7 The OpenSSF Package Analysis project identified 'checkout-app' @ 1.5.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in some-dev (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in @emersonecologics/emerson-angular-trove (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c229693a6cfa1c30c9c957144ab93c804e134a54c587ad75b4e2eb860d89b778 Any computer that has this package installed or running should be considered...
Malicious code in jira-dashboard-items (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 79ab5b6ba91047c189dc1c045205cf83046fa39fd12a9292f3ed8b4ea48582b6 Any computer that has this package installed or running should be considered...
MAL-2024-11858 Malicious code in orderly-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c6d1816f12ad3d52d2229d938ccf0f5ec2b0f48ba66613c031b72631e23cc77 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in neuron-viewer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c39e11d5c0e9f49ca7c1e136d6f73f692162e1873d0def4a3135bd3dacbdd9ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lab-3-package-438d82fc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1647151de9ec3b78d6f3b3c4dc4bfe1f7b27f9c1ffdb56d482daa533fd2b1ec3 Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...
Malicious code in not-a-math (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f65b9ef7e604f803f7ac9a09d7948911e9cde5f1033f969f2438c8422d48dd22 The OpenSSF Package Analysis project identified 'not-a-math' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in scbe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e0038adb669e3dbac6bc53a3f8c60a1ee4e2acdfcf28ab8c419e8b39638f14a9 The OpenSSF Package Analysis project identified 'scbe' @ 1.0.0 npm as malicious. It is considered malicious because: - The package communicates...
MAL-2023-1288 Malicious code in schweppes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c6413b14065c0dae4dd031864f7a515ead037541f7f74a2907a2d554ebe4e7fe The OpenSSF Package Analysis project identified 'schweppes' @ 1.0.2 npm as malicious. It is considered malicious because: - The package...