2043 matches found
Malicious code in icoreact (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c03ec7b8267dc8690840c8f949e0a07962479ed8473f6c34782de1a1942aa507 The OpenSSF Package Analysis project identified 'icoreact' @ 30.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1295 Malicious code in shein-bbl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eda3e2bdbc515dead593a808202f565c6b47090d1b73b40cda908b6786eaf4ac The OpenSSF Package Analysis project identified 'shein-bbl' @ 0.1.4-beta npm as malicious. It is considered malicious because: - The package...
Malicious code in renxt-host-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 944749dfc81b2b67c674e603d951d85dc31ffec7e6049640c5b3674624ef62e0 The OpenSSF Package Analysis project identified 'renxt-host-service' @ 19.2.0 npm as malicious. It is considered malicious because: - The packag...
Malicious code in @metronetinc/react-component-library-next-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d29aaa8c56838993a54df9b7ee45362f439f4b704ca467383c14f4643e2151a9 The OpenSSF Package Analysis project identified '@metronetinc/react-component-library-next-plugin' @ 9.999.8 npm as malicious. It is considered...
Malicious code in @metronetinc/react-component-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 60618ba400c79770b18a43c36d0b3b9723c5f4df204ac012d6aea96d17de5bdd The OpenSSF Package Analysis project identified '@metronetinc/react-component-library' @ 9.999.8 npm as malicious. It is considered malicious...
Malicious code in chegg-contentful (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0f294558304bba4da1c74169d026ebb78d4c1509bc734739942abe3860bc7390 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ossf-package-analysis...
Malicious code in dontsweatthetechnique (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bbda5728889893ceed46e14cad0f90a4e884b8e92aed8cc3a824288c2e16a5db The OpenSSF Package Analysis project identified 'dontsweatthetechnique' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
Malicious code in trochilus (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c6895d1063758093bf21294cd9edbba16c2e957fd931d17008cc6d962c8992b4 The OpenSSF Package Analysis project identified 'trochilus' @ 50.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in @sbb2b/ngx.sportsbook (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ccf1238d371f61b48d44f2b32d79ce73e0d25a42508d9e535ce93580010016d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in juno-branding (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7445e9499982b52ca2f99b800d45f9d94599662f468ea58eac6c4a2dc8910ac3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in jquery-overscroll (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 279b9014e86c11c82ac819b5e3bbbbbfc2868e3131b65bd941e60d08985cfbb0 The OpenSSF Package Analysis project identified 'jquery-overscroll' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in @okcoin-dev/blade (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71645eda002c3a56f041a1c91f7072a640455be1d5bed1cc7cf67fd4c1cff44b The OpenSSF Package Analysis project identified '@okcoin-dev/blade' @ 1.11.33 npm as malicious. It is considered malicious because: - The packag...
Malicious code in wm-webpack-player-sri (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2ce8f86b27a02853a91d351ebf67ea4c8b697d62b1c65c295b7a01cfa89148ec The OpenSSF Package Analysis project identified 'wm-webpack-player-sri' @ 0.0.71 npm as malicious. It is considered malicious because: - The...
Malicious code in gitlabhook (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 07cc248a040f88d3052194678254b7bc9be0a2f3f9dda89ed16981c2c86510ee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in chain00x_tsrc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5926bd93f4ff900c16d517fa3e4dc243e5a29e79d3fb377b8304df57ab6d347e The OpenSSF Package Analysis project identified 'chain00xtsrc' @ 1.0.5 npm as malicious. It is considered malicious because: - The package...
Malicious code in chain00x_rce1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2d528fd659506ce3a370f146632641af04a4a41e0c1b4d0e148e48a2b57e8b40 The OpenSSF Package Analysis project identified 'chain00xrce1' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in html.sortable (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d97ce7d0b1b07925f0480d38a692ed6ef4d4954376f3dceb77610423f13f977d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in navigation-component-tco (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f783bdef910568f0931f880ce5329f8f4c71c869d64c8078374a3103dfe745e9 The OpenSSF Package Analysis project identified 'navigation-component-tco' @ 999.999.0 npm as malicious. It is considered malicious because: - T...
Malicious code in fc-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77f6035edb9c1d932bd670b4ecd252c5ad1d38ae3ff39f0f2d3e68ca68a1d99f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in fc-login (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe337a39891907521b303615d75e614524a26835d707bd4a1ccf7f5c51a7886b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...