Lucene search
+L

15 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago5 views

Malicious code in syft-acp-uikit (npm)

The syft-acp-uikit package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the 'syft-acp' internal/private package naming convention an ACP component library of a target...

5.5AI score
Exploits0References2
OSV
OSV
added 2 days ago3 views

MAL-2026-10763 Malicious code in @edgecommons/streamlog-node (npm)

The @edgecommons/streamlog-node package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name uses an '@edgecommons' scope that mimics the internal/private package naming convention of a...

5.6AI score
Exploits0References2
OSV
OSV
added 5 days ago3 views

MAL-2026-10407 Malicious code in awesome-terminal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 379d820ae94a1dd684c187fd2577558795440d8f8cd1fe3cd209c8eb5b303913 [email protected] ships a postinstall script scripts/install-check.cjs that resolves a bundle URL from a remote JSON config at...

6.5AI score
Exploits0References3
The Hacker News
The Hacker News
added last week34 views

Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install

The jscrambler npm package was compromised, and simply installing its 8.14.0 release runs an infostealer on your machine. Published on July 11, 2026, the malicious version carries a preinstall hook that drops and executes a native binary, one build each for Windows, macOS, and Linux. Socket flagg...

6.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 12:0 a.m.7 views

Malicious code in box-react-uix (npm)

The box-react-uix package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a 'box' internal...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:12 p.m.19 views

Malicious code in @apexcraft/nano-key (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c46938b3634fb4de89ddf44b765e1c766c871a40fb31c54609c1b3526074e65c @apexcraft/nano-key advertises itself as a 12-byte sortable ID generator README and repository metadata are copied from yiwen-ai/xid-ts, an unrelated...

6.7AI score
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 2:53 a.m.15 views

Malicious code in janus-ft (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d7caaba8f20d0f04bcb79ab4046d34bea20b858ed3fc37931c76109b366835f On npm install, the package's postinstall.js script harvests installer-side secrets and ships them to a hardcoded bare-IP C2 endpoint. Specifically, ...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/05/19 5:4 p.m.10 views

MAL-2026-4645 Malicious code in prettier-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80a3bdd18c28c0c045aaed2a3e5725b3b38cb45bc9c16d0b795c4334caed17a5 Package name prettier-sdk impersonates the top-tier prettier package 50M weekly downloads, copying its README verbatim and forging metadata repositor...

5.7AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/12 12:12 a.m.31 views

Malware in @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys

Summary On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow...

9.6CVSS5.8AI score0.02342EPSS
Exploits3References8Affected Software42
OSV
OSV
added 2026/05/10 12:0 a.m.8 views

MAL-2026-3645 Malicious code in dit-envv (npm)

dit-envv is a typosquatting package impersonating dotenv, the widely-used environment variable loader. The package bundles the legitimate dotenv source and documentation to appear functional while hiding a credential-theft payload in index1.js, executed at install time via the postinstall script...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/17 7:49 a.m.9 views

Malicious code in loadcoremwassistant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 20499474b0d0eb5a02bdd34aba8dbd438993b87506fb7a9bd88a62a729736221 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/11 8:20 a.m.8 views

Malicious code in python-aickerso (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d1d7d33d48c083d0e17d3a3698d815f66dffb070f743e030278059a558c5e6fd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/21 11:36 a.m.10 views

Malicious code in xadauiom (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64051fbf2528075ff707f512002bce043db1a535723bd677e6fcde0f53f7cafa Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSV
OSV
added 2024/07/26 4:53 p.m.5 views

MAL-2024-12311 Malicious code in netsec-monitor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d53ca1631ad5169910977a710485caa2e85f057cba20a5d29bdcaeccda0cf4f9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
OSV
OSV
added 2024/07/26 4:53 p.m.5 views

MAL-2024-12350 Malicious code in springboot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 16d85bf1869194ac1171299e8e0d4e04cbe415bdde4f6eb08730c6018f8958bc Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
Rows per page
Query Builder