2048 matches found
Malicious code in fwm-poc-built-sites (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa93c0829bbd693830f9aeffc69c03a26071b5fe6d560c9b1110c4b52e54da37 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in opensource.ripple.com (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis db6640c2642fecbcd1114796262a8099bf2f0db6e5f020af28ce841c8f35e27a The OpenSSF Package Analysis project identified 'opensource.ripple.com' @ 1.0.1 npm as malicious. It is considered malicious because: - The...
Malicious code in airmason-employee (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f8954b40939c6627506907db7e85071941c5095c106f21463227c57f81020a8d The OpenSSF Package Analysis project identified 'airmason-employee' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in crypto-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 21ee45d9d771c938c2a2830fda64f84172fe28c001cb1dd2d725b2c05ea39068 The OpenSSF Package Analysis project identified 'crypto-provider' @ 0.3.4 npm as malicious. It is considered malicious because: - The package...
Malicious code in testveriftest1asdlaaaaa (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ff36b3e2ad882727ed964a43d4599f3713d2bada89b6cec169d727127c21c2fa During installation, the package attempts to exfiltrate cloud tokens --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in crypto-utility (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e212ce9343535d644b46e13584a4a6c0585b2c5482091ca23ea52068b582048e The OpenSSF Package Analysis project identified 'crypto-utility' @ 0.3.4 npm as malicious. It is considered malicious because: - The package...
Malicious code in font-impact (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 404db1db5b86b6ce6ed40f2169b12625d010c431f4610548c55dc053f5d43d69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ui-platform-elements (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f8e52fc989383c2ba9b074173be333530aa86b44f1fa38e4a7b156ab1bc4fc6e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ui-platform-base-components-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b86eb50d9103e65b5af0d24fc0da1302ab769b008a7a2d7c46d686a0fca6d9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ui-platform-business-elements (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89f863d731ba9d0cbfada890f27b8acb5ae30e8265c71236b451812cbf863be3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in customprefix-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af67fc99b5f6993bf42c27c8c407c6bee3e97d0f412d03ab30533470b86339d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in helmet-fastapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c1f805932ecbcd95197e98c6e2336eb773252abf5615fe135076d1848cb90395 Package contains hidden code adding a backdoor - a WebSocket path handler which will execute commands sent by an attacker knowing the path. In addition, it add...
Malicious code in climate-wallet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f1f505af92d5dfcdcfb8990f655cb13aa0ccaf3d7c00001658e3b12ca3a5080d The OpenSSF Package Analysis project identified 'climate-wallet' @ 1.2.34 npm as malicious. It is considered malicious because: - The package...
Malicious code in amazon-chime-sdk-js-exp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 41b8665f77f2bb83789c04cdd6973e2525d3af8609a0e4fc6f41e7b460eb1b51 The OpenSSF Package Analysis project identified 'amazon-chime-sdk-js-exp' @ 10.10.100 npm as malicious. It is considered malicious because: - Th...
Malicious code in my-rei-browser-shim (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c686104ae598e6be85ee3b485920aef58f29d1ece0db3383bbca1afa64b8f405 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @template-builder/iframe-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d449b73ecd5ceb50edae265044e9523e1608eafa7389e2e46f139ea57a4e37aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in rose-bn (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b255ebbe2f749770901182d7be69641b1f7e94bacd94fff31794262c33d998af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in test-kaks3c (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 591289fef82efe1b6a54e8948561a76e1e42addd4e1b62fe61364c894640b6b9 The OpenSSF Package Analysis project identified 'test-kaks3c' @ 10.0.4 npm as malicious. It is considered malicious because: - The package...
Malicious code in euf-ele-hf (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a7cfc361d149da8b9d35ea0df759689a516eed93545d9966146e4652bc08aa2a The OpenSSF Package Analysis project identified 'euf-ele-hf' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in redis_mktg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f3e4bfe8fa5f34f6edef1cea4e6382724b544018847e65babd924cce89ede995 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...