2077 matches found
Malicious code in powerbi-visuals-powerkpi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1708aa2b758d41b3666672f4afb039a73cdfa12345a815feb095ca94f0fcf900 The OpenSSF Package Analysis project identified 'powerbi-visuals-powerkpi' @ 9.0.1 npm as malicious. It is considered malicious because: - The...
MAL-2025-6788 Malicious code in gsochub (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6c4ef23e2b37d9180f06b73ca4d6c919d854525b1bdf01ce97cb156df68e2c6b The OpenSSF Package Analysis project identified 'gsochub' @ 8.1.2 npm...
Malicious code in bp-console-fe-sg (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 521bbcab75dfeaca681fe4eedeb12dcfbe52f54514441c4c397cf234030ca4e1 The OpenSSF Package Analysis project identified 'bp-console-fe-sg' @...
Malicious code in cerberux (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5695d0b2f501364a21975ae94641cd4afe53e8728199b018ebcea405011d9485 The OpenSSF Package Analysis project identified 'cerberux' @ 3.0.0 np...
Malicious code in pwm-components (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7b2e15f6e6b7534b482968389ad8ac756c1e7ee890da069465e9ff1387882694 The OpenSSF Package Analysis project identified 'pwm-components' @...
Malicious code in bullyshitty (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis af65e362c6eb3c7a952647d9fdc470881bfe8af8cd609b1c8deffe3a0ea7ff8c The OpenSSF Package Analysis project identified 'bullyshitty' @ 3.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in openai-tsp (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9afad0907413b0e88664cb893d34b71ad10d4a15def77275bc4a654bb21dd7a8 The OpenSSF Package Analysis project identified 'openai-tsp' @ 16.1.0...
Malicious code in flatfox-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c1abb243ceb7b5b94ca2f950d7cf27838ad4c22bc9771a0ea878af5497bfebf2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in @azet/api (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7b2841cc52f86348bb048d0fc7dd2dba1253653dd003f68552f72f67ba3953ec The OpenSSF Package Analysis project identified '@azet/api' @ 1.0.0 n...
Malicious code in message_gateway (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2781d258b292d5959839a52e0e940040defaae1ecbb1293c0d149dc5f6faf110 The OpenSSF Package Analysis project identified 'messagegateway' @ 0.0.1 rubygems as malicious. It is considered malicious because: - The packag...
Malicious code in hast-util-to-babel-ast (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 55816d77f51cc9fc5c5fc18491df2693e7be82d2c4865402a52a85af9f685300 The OpenSSF Package Analysis project identified...
Malicious code in prysk (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 80bd771f9c6b2d96fa94413e45d0d2ddeb084b6ea58d6b3a7430624821398409 The OpenSSF Package Analysis project identified 'prysk' @ 10.0.1 npm ...
Malicious code in next-minimal-server (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bed5e4b150f949434786803be46122fa169432748424017c770c2582c50b6558 The OpenSSF Package Analysis project identified 'next-minimal-server'...
MAL-2025-6260 Malicious code in next-minimal-server (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bed5e4b150f949434786803be46122fa169432748424017c770c2582c50b6558 The OpenSSF Package Analysis project identified 'next-minimal-server'...
Malicious code in redux-saga-channel-end-rce (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3c0fde8502cb19eb266cf53e69e92a54e426d6996f99eefd2c3ecefd5db7cc43 The OpenSSF Package Analysis project identified...
Malicious code in dva-loading-show-rce (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2779c32d64a46ff3b8b9de62cd9161c7b6e0071c4a3103b2a37e949f374467a0 The OpenSSF Package Analysis project identified 'dva-loading-show-rce...
MAL-2025-6251 Malicious code in dva-loading-hide-rce (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 236bea5646a5f41a1a00049315bf89b5d58d75f522e1d1dbc8bbc86d85e10919 The OpenSSF Package Analysis project identified 'dva-loading-hide-rce...
Malicious code in dva-loading-hide-rce (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 236bea5646a5f41a1a00049315bf89b5d58d75f522e1d1dbc8bbc86d85e10919 The OpenSSF Package Analysis project identified 'dva-loading-hide-rce...
Malicious code in redux-replace-rce (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eb28c0e340d0d3220c0b6c87681ecdb8ff015040d97ed20852a5fabf651f503d The OpenSSF Package Analysis project identified 'redux-replace-rce' @...
Malicious code in react-nodes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f859f678cb85445cc8d486c034c1a9de313c92e4485d8dc546bab5be2823b71 The OpenSSF Package Analysis project identified 'react-nodes' @ 4.0.1 npm as malicious. It is considered malicious because: - The package execut...