2036 matches found
Malicious code in flowtorch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6c2c3f2d7423991d07fec2693f59f64eaa2f3a3d0122fbf6f05e19a6d2a40871 The OpenSSF Package Analysis project identified 'flowtorch' @ 9.2.2 npm as malicious. It is considered malicious because: - The package...
Malicious code in false-positive-reddit-rce (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 18d0061817c889d31df1f475a5cb984705a83ac9e8117ef32c2429696d73ca20 The OpenSSF Package Analysis project identified 'false-positive-reddit-rce' @ 0.0.2 npm as malicious. It is considered malicious because: - The...
Malicious code in marvelmaniac-reddit-rce (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4e0c11328bba9ebf6da62d82fc149892918b5830eef9816b5f887c46f1108fa0 The OpenSSF Package Analysis project identified 'marvelmaniac-reddit-rce' @ 10.0.3 npm as malicious. It is considered malicious because: - The...
Malicious code in eslint-plugin-ironfish (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ddb571e2a90d22e958b983fe2578c4dc66915310367953568399aa68773cc77a The OpenSSF Package Analysis project identified 'eslint-plugin-ironfish' @ 1.0.1 npm as malicious. It is considered malicious because: - The...
Malicious code in nequi-aws-dynamodb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 86e69f8ab2fe8a36bf3ee2e573ff2b19bb88d7dc072bd33275d8b8194b9b06dc The OpenSSF Package Analysis project identified 'nequi-aws-dynamodb' @ 1.3.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in eslint-config-onyx-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 62b8e60882fd76fb4ef0935a91025d2bea424c98f200a89b041380859df410b5 The OpenSSF Package Analysis project identified 'eslint-config-onyx-ui' @ 3.1.3 npm as malicious. It is considered malicious because: - The...
Malicious code in jest-cucumber-reporter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e2fbf023b3a861ceda4ee89f2c188d2cf7e1b274a07fb7f0df58b9d86c6935b2 The OpenSSF Package Analysis project identified 'jest-cucumber-reporter' @ 0.0.9 npm as malicious. It is considered malicious because: - The...
Malicious code in papaya_pear_vicious (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 080555e8b0e713640ab3072d60fca6f3144f3738c13d3b46d93e89ebf87d0a15 The OpenSSF Package Analysis project identified 'papayapearvicious' @ 3.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in yatai-web-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f548d205122fcfcec01de022463ec287546b7367481a1ec5adb29294e452b8f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in cloudsplaining (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9d821ad444b4ae2d16e2fa2f9479b0175bfad2283012e98bf2d72d6d9f8fb71 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in matlab-language-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d8e3c9879f3555ae0c9a861940fee5bd9d19c1e5aced768ed7e1c303a896193a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in uitk-react-action-list-item (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c5ae6c09c0106f49a13c2a2b42ec5ae87f855fce905b95188d6645f263a17bf8 The OpenSSF Package Analysis project identified 'uitk-react-action-list-item' @ 99.99.1 npm as malicious. It is considered malicious because: -...
Malicious code in hellodependency3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a806e7ee360d2e51a441f2f736fb58affcd5e7028d5e442fb2ea340f4655f187 The OpenSSF Package Analysis project identified 'hellodependency3' @ 1.0.4 npm as malicious. It is considered malicious because: - The package...
Malicious code in @ms-atlas-module/datastudio-datafactory (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 253e4743d8b8183de69bf226274c4bfcabf8516dc9b77f5e2a9772ad6a2e4747 The OpenSSF Package Analysis project identified '@ms-atlas-module/datastudio-datafactory' @ 0.1.36 npm as malicious. It is considered malicious...
Malicious code in icoreact (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c03ec7b8267dc8690840c8f949e0a07962479ed8473f6c34782de1a1942aa507 The OpenSSF Package Analysis project identified 'icoreact' @ 30.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1295 Malicious code in shein-bbl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eda3e2bdbc515dead593a808202f565c6b47090d1b73b40cda908b6786eaf4ac The OpenSSF Package Analysis project identified 'shein-bbl' @ 0.1.4-beta npm as malicious. It is considered malicious because: - The package...
Malicious code in renxt-host-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 944749dfc81b2b67c674e603d951d85dc31ffec7e6049640c5b3674624ef62e0 The OpenSSF Package Analysis project identified 'renxt-host-service' @ 19.2.0 npm as malicious. It is considered malicious because: - The packag...
Malicious code in @metronetinc/react-component-library-next-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d29aaa8c56838993a54df9b7ee45362f439f4b704ca467383c14f4643e2151a9 The OpenSSF Package Analysis project identified '@metronetinc/react-component-library-next-plugin' @ 9.999.8 npm as malicious. It is considered...
Malicious code in @metronetinc/react-component-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 60618ba400c79770b18a43c36d0b3b9723c5f4df204ac012d6aea96d17de5bdd The OpenSSF Package Analysis project identified '@metronetinc/react-component-library' @ 9.999.8 npm as malicious. It is considered malicious...
Malicious code in chegg-contentful (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0f294558304bba4da1c74169d026ebb78d4c1509bc734739942abe3860bc7390 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ossf-package-analysis...