Lucene search
K

11 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 5:30 p.m.12 views

Malicious code in boardstep (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d23139a90bc62310843522a9f8c266cf11ec4166f7a493072bf93b7d8ec05b0c The package wires all three npm lifecycle hooks preinstall, install, postinstall in package.json to run install.js, which downloads...

5.3AI score
Exploits0References9
OSV
OSV
added 2026/06/15 5:30 p.m.9 views

MAL-2026-5800 Malicious code in boardstep (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d23139a90bc62310843522a9f8c266cf11ec4166f7a493072bf93b7d8ec05b0c The package wires all three npm lifecycle hooks preinstall, install, postinstall in package.json to run install.js, which downloads...

5.4AI score
Exploits0References9
OSV
OSV
added 2026/06/13 9:10 p.m.11 views

MAL-2026-5750 Malicious code in mailconfirmer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb184ffa15fd011b84658a6b5cd68582e78827258a8373f0da1ef34248bfb09 The package advertises itself as an email-confirmation utility, but index.js contains only no-op stubs that console.log demo messages. The real...

5.6AI score
Exploits0References29
RustSec
RustSec
added 2026/06/03 12:0 p.m.11 views

`logflux` was removed from crates.io for malicious code

The logflux crate attempted to download and run a malicious payload on the user's machine. The malicious crate had 1 version published on 2026-04-26, approximately 1 month before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Paweł Bis for...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/01/21 5:27 p.m.3 views

CVE-2021-47851 Mini Mouse 9.2.0 - Remote Code Execution

Mini Mouse 9.2.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary commands through an unauthenticated HTTP endpoint. Attackers can leverage the /op=command endpoint to download and execute payloads by sending crafted JSON requests with malicious script...

9.8CVSS6.8AI score0.01044EPSS
Exploits1References3
Gitee
Gitee
added 2025/09/14 5:47 p.m.119 views

Phantom-Evasion

This is a Python antivirus evasion tool called Phantom-Evasion. It is free software, licensed under the GNU General Public License GPL version 3. The tool is designed to evade detection by antivirus software and is intended for educational or research purposes only. The tool has several modules,...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/30 4:4 p.m.4 views

Malicious code in ro.dll (npm)

The package contains code to download and execute an infostealer payload. --- -= Per source details. Do not edit below this line.=-...

7.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/30 4:4 p.m.4 views

Malicious code in celexkeygen (npm)

The package contains code to download and execute an infostealer payload. --- -= Per source details. Do not edit below this line.=-...

7.4AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/08/29 8:52 a.m.5 views

Malicious code in invokehttp (PyPI)

The init.py contains a call to execute a Base64-encoded script to download a second stage payload. --- -= Per source details. Do not edit below this line.=- Source: kam193 e3374942a3d2de4ea1f9444223c351c0ef5356c571a08e8ddb62144f7564def0 In the invokehttp, the init.py contains obfuscated code...

7.5AI score
Exploits0References3
Snyk
Snyk
added 2023/03/24 2:3 p.m.3 views

Malicious Package

Overview DiscordRichPresence.API is a malicious package. This package adopts typosquatting techniques and attempts to trick users into downloading it. It contains a PowerShell script that will execute upon installation and trigger a download of a 2nd stage payload, which can be remotely executed...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2023/03/24 2:3 p.m.3 views

Malicious Package

Overview AvalonNetCore is a malicious package. This package adopts typosquatting techniques and attempts to trick users into downloading it. It contains a PowerShell script that will execute upon installation and trigger a download of a 2nd stage payload, which can be remotely executed. Indicator...

9.8CVSS7AI score
Exploits0References2
Rows per page
Query Builder