2 matches found
Malicious code in @yoobic/jpeg-camera-es6 (npm)
Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...