Lucene search
K

29751 matches found

OSV
OSV
added 2025/09/16 5:5 p.m.4 views

MAL-2025-47239 Malicious code in @hestjs/core (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e502abdd20810df6a40941cec4ea92f9b86b0e774bd5df7461f73771e481b89 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSV
OSV
added 2025/09/16 5:5 p.m.2 views

MAL-2025-47383 Malicious code in @art-ws/slf (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware baf90d1c3b7ba54034d1d4c17018409a40ca9c0b81dce2f0cc612bf5e7358a44 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:5 p.m.6 views

Malicious code in @tnf-dev/js (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 292d245c3ca4d0fdd82283650bae7b8c7da1f843e984906c10402454c065daec Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSV
OSV
added 2025/09/16 5:5 p.m.4 views

MAL-2025-47355 Malicious code in ts-imports (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eccb885c4d87f75ef3479173055a689c6b90773619272c8ccf891bd342a7128b Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
Krebs on Security
Krebs on Security
added 2025/09/16 2:8 p.m.8 views

Self-Replicating Worm Hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub , experts warn. The malware, which briefly infected multiple code packages from the securit...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 9:31 a.m.4 views

Malicious code in @things-factory/env (npm)

Suspicious postinstall script executing bundle.js and YARA rule match on bundle.js indicate potential malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88b8463d9fb16ac5faed1cd122997c683cc79534786bcf816139cefc13897168 Any computer that has this...

6.9AI score
Exploits0References7
OSV
OSV
added 2025/09/16 9:31 a.m.3 views

MAL-2025-47221 Malicious code in @things-factory/email-base (npm)

Suspicious postinstall script executes bundle.js which contains code flagged by YARA rule unsignedbitwisemathexcess, indicating malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cdc3773013abc63a59090ab3b457bc1e047f7a294edd5f35e6ce43840fc0520 Any computer tha...

7.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:57 a.m.5 views

Malicious code in yargs-help-output (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1337d3becd83c0b3dc233069268371bc9e7395311560038f52cbe73384e4efa5 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:57 a.m.2 views

MAL-2025-47366 Malicious code in yargs-help-output (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1337d3becd83c0b3dc233069268371bc9e7395311560038f52cbe73384e4efa5 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:55 a.m.2 views

MAL-2025-47328 Malicious code in monorepo-next (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f0c8e880c0edcdf1ac8b55ac831ee123c7bbd6b338a44a77a49400b60985d16 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:53 a.m.2 views

MAL-2025-47311 Malicious code in ember-velcro (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb2c22cbb7ab559c0ac1e61418ae224e561beacb9571166240b4c5249a098dbb Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:51 a.m.3 views

MAL-2025-47307 Malicious code in ember-headless-form (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4687ef20e35f1ba6932bfe28dbaae50901c594a51071d24c97e6d496f7001382 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:51 a.m.4 views

Malicious code in ember-headless-form-yup (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed8ff319c2845a41812ca372e9a7e36c894cd5027bfadab1381fefb8892e4074 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:50 a.m.3 views

Malicious code in browser-webdriver-downloader (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 01fb714365440560815380bba71421a48f96fcc47b83487acaaa72a1410c0ab5 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:48 a.m.5 views

Malicious code in @crowdstrike/logscale-search (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf328d64388e35603ec9a233e2d1ba28fa6fd2508bf245a22733a1818a670e92 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:44 a.m.2 views

MAL-2025-47235 Malicious code in @crowdstrike/glide-core (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c50fb4842e12feb703463f76e42b30788a613940789be0e353b396b7de4cba8 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:44 a.m.1 views

Malicious code in @crowdstrike/foundry-js (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b692cc7f6e5464ffd853e3847c9818751b07e7730ef96f968e01aea83827605f Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:41 a.m.5 views

Malicious code in @crowdstrike/commitlint (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e58c63ca78f39890835120723ac0ab398dbaddb3018f3b640145685ab38cdd93 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
Circl
Circl
added 2025/09/16 6:39 a.m.4 views

CVE-2022-3124

creationtimestamp| type| source ---|---|--- 2025-09-16 06:39:33+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-3124.yaml 2025-09-17 21:02:38+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lz2qayzps32m...

5.3CVSS4.9AI score0.06199EPSS
Exploits2References2
Snyk
Snyk
added 2025/09/16 5:11 a.m.2 views

Malicious Package

Overview oci-plugin-compliance is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder