2038 matches found
Malicious code in codex-monorepo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9c0b0d3723aea4e9ace65a23c56b8f951b48f31f09558674bc6de5e788c8c7de The OpenSSF Package Analysis project identified 'codex-monorepo' @ 8.1.1 npm as malicious. It is considered malicious because: - The package...
MAL-2025-46995 Malicious code in aledade-org (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0682631cc0174823a4b9e6c15e0d9f83771e5a51dfaec02c64a878a3b0d6c56a The OpenSSF Package Analysis project identified 'aledade-org' @ 1.0.0...
Malicious code in com.revenuecat.purchases-unity (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9409a3b3ea8cbed10c1c8e9ee79e134487117b36b0280c2190576e79e6387b60 Any computer that has this package installed or running should be considered...
Malicious code in arm-package-deploymentscripts-2019-10-preview (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 036de74aa3f36e7c65b0ae918b5cbc8dad256bac711320dbded5935ef0d48657 The OpenSSF Package Analysis project identified 'arm-package-deploymentscripts-2019-10-preview' @ 8.0.1 npm as malicious. It is considered...
Malicious code in flow-security-cart (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e80dbff81931a20f9f1099da55fe0472b8f30458e4f53f69dc6a26b5aea6a48a The OpenSSF Package Analysis project identified 'flow-security-cart' @ 99.0.2 npm as malicious. It is considered malicious because: - The packag...
MAL-2025-42147 Malicious code in file-dependency (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis db9d9ac2b90c17d04ff56afe81a886e99665eb55048e7cc7c9a3f0b1855db828 The OpenSSF Package Analysis project identified 'file-dependency' @ 7.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2025-45999 Malicious code in sfly-services (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware da589d8876d458397b3e7aa677e83cb9f21a92526a613fa62808be5946105774 Any computer that has this package installed or running should be considered...
Malicious code in brave-real-launcher (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ec706dec762e96c2e6f2990c75a05808c5226fdd400419402135c910c5e639a5 The OpenSSF Package Analysis project identified 'brave-real-launcher' @ 1.0.10 npm as malicious. It is considered malicious because: - The packa...
MAL-2025-42142 Malicious code in brave-real-launcher (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ec706dec762e96c2e6f2990c75a05808c5226fdd400419402135c910c5e639a5 The OpenSSF Package Analysis project identified 'brave-real-launcher' @ 1.0.10 npm as malicious. It is considered malicious because: - The packa...
Malicious code in ds-header (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 51f8c8b4f365efe9e19ae3c1f9dc70779556603342c121e189acf9e26fb44edb The OpenSSF Package Analysis project identified 'ds-header' @ 9999.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in brave-real-launcher-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 122c2679d9d37502dadc2f4e54a52772fc880d7579ccefd7f530a9981e8e744c The OpenSSF Package Analysis project identified 'brave-real-launcher-v2' @ 1.0.3 npm as malicious. It is considered malicious because: - The...
Malicious code in authzd-client (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 45ba3e72eb15bda66737b4c0b7addefe2fa72e79d4a38a82e9dd53722cc04f7b The OpenSSF Package Analysis project identified 'authzd-client' @ 0.11.10.r813fef313 rubygems as malicious. It is considered malicious because: ...
MAL-2025-46931 Malicious code in monolith-twirp-merge-queue-go-mergequeuemonolith (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 58e829a595050f4922bb0937c2d6c0d2759059af987ceb38f0c33712345eadc2 The OpenSSF Package Analysis project identified 'monolith-twirp-merge-queue-go-mergequeuemonolith' @ 1.0.2 rubygems as malicious. It is consider...
Malicious code in monolith-twirp-mailreplies-replies (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c1e0b39ca2393b053f31bdaab06ece9ef73680eb15866a4936b52862b42f305c The OpenSSF Package Analysis project identified 'monolith-twirp-mailreplies-replies' @ 1.0.0 rubygems as malicious. It is considered malicious...
Malicious code in monolith-twirp-github-repositories (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b6ab9bea194d9fa5ad57b833b09316a0c338a6beb920638e9aff880730969c89 The OpenSSF Package Analysis project identified 'monolith-twirp-github-repositories' @ 1.0.0 rubygems as malicious. It is considered malicious...
MAL-2025-46942 Malicious code in secret-scanning-proto (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1465959a0117b88d5bd9a996a386b97399277821a3199d62026605750c8194b7 The OpenSSF Package Analysis project identified 'secret-scanning-proto' @ 99.99.99 rubygems as malicious. It is considered malicious because: -...
Malicious code in turboscan-client (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aadd88a4cebcc045db4b6899180a44c571f6429b26ead528721f7474c03110a0 The OpenSSF Package Analysis project identified 'turboscan-client' @ 99.99.99 rubygems as malicious. It is considered malicious because: - The...
MAL-2025-46946 Malicious code in turboscan-client (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aadd88a4cebcc045db4b6899180a44c571f6429b26ead528721f7474c03110a0 The OpenSSF Package Analysis project identified 'turboscan-client' @ 99.99.99 rubygems as malicious. It is considered malicious because: - The...
Malicious code in monolith-twirp-support-helphub (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97a64bd75388afe20d55befa04ed845034b1a467cace9204788c98fd29240024 The OpenSSF Package Analysis project identified 'monolith-twirp-support-helphub' @ 1.48.0 rubygems as malicious. It is considered malicious...
Malicious code in monolith-twirp-modelsgateway-telemetry (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 62052c32a08bc8af05a1012fc5a5e9b63a09eea906ff0affeeef77f4604b70ec The OpenSSF Package Analysis project identified 'monolith-twirp-modelsgateway-telemetry' @ 1.0.0 rubygems as malicious. It is considered malicio...