Lucene search
K

15409 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago8 views

Malicious code in py-base58 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4ef10f40dc13a645cebdee601417b590c92ab69039dbdf9962c36b36497949b py-base58 2.1.3 masquerades as a pure-Python base58 encoder but on first import of the top-level base58 package decodes a 640KB base64-embedded Linux...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/07/06 6:59 p.m.6 views

MAL-2026-6899 Malicious code in twcompose-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 096d151917a14021013de8dbd595466944a677be49ee8ca4b3ed94de63d85cd9 The package's main entry point src/index.js contains heavily obfuscated JavaScript at line 138 using a classic string-array shuffle pattern while!!...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:59 p.m.8 views

Malicious code in ts-eslinter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56fe794783cf855aba4980f7186b85866fd3048cbb97803fe8c575192cb30d44 Package name resembles common ESLint/TypeScript tooling and the main entry index.js contains base64 decoding via Buffer.from...,...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/01 9:15 p.m.10 views

Malicious code in electron-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7faf51a6c9d6ed9fce8cf9de9ea8afee0e9c3dc1fb254e8cd0c3c2a8ca61323f On require'electron-orbit', the module unconditionally fires an auto-prefetch pipeline in Node contexts when no document is present that opens a raw...

5.8AI score
Exploits0References32
NVD
NVD
added 2026/06/26 9:16 p.m.8 views

CVE-2024-23581

The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious software or an unrecognized application...

7.8CVSS0.00066EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 9:23 a.m.8 views

Malicious code in sqligen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de59ac5884f286d69e42a71ba0cb7b99aa06d2b1f0e28a279a84d3db86eb3196 setup.py contains an obfuscated install-time dropper that fires on Windows. Two functions with diagnostic-sounding names 'GetDefaultSystemPolicy' /...

6.5AI score
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.7 views

PT-2026-52967

Name of the Vulnerable Software and Affected Versions HCL Traveler for Microsoft Outlook affected versions not specified Description The HCL Traveler for Microsoft Outlook libraries are susceptible to an application modification issue, causing them to be flagged as unrecognized applications or...

7.8CVSS5.8AI score0.00066EPSS
Exploits0References7
OSV
OSV
added 2026/06/17 4:56 a.m.5 views

MAL-2026-6030 Malicious code in @mastra/nestjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cce4b38ce42c23095f722a3fd011dcd5070230e430bd5ef2be73c0eb943f79d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 3:11 a.m.14 views

Malicious code in @mastra/mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fbae003cd01bc2b7f477773c49bbd2254e8ec61118b865fb98abcc832a3f9af The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 3:11 a.m.12 views

Malicious code in mastra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74c4549467abc2b76f088b4684a79cb551458718b7c5d9beb8ae1af4349d02a8 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 7:55 a.m.12 views

Malicious code in farming-tools-12 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0 campaign sibling c960+, same aicrypto-xzggg publisher and "Core utilities for blockchain development" description as swap-sdk-87/defi-tools-39. postinstall auto-execs, src/index.js harvests /.ssh keys + Sol/Eth/BTC/Tron/Sui/Aptos wallets + .env +...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 10:34 a.m.13 views

Malicious code in bittensor-burn-monitor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d4b7067997b5bc9822e964b16a3b4e78b5ec637086732d143889e577fa2d886 bittensor-burn-monitor advertises itself as a Bittensor subnet burn-rate monitor but ships a covert clipboard logger that exfiltrates installers'...

5.7AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46161

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

9.3CVSS5.8AI score0.00098EPSS
Exploits0References2
OSV
OSV
added 2026/06/02 11:20 a.m.13 views

MAL-2026-5159 Malicious code in po-ops-local-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7d0f2e829316d0c6a04bc41fb4d187569c00c3273384b1666d3068a0e696291 [email protected] has no functional code of its own index.js contains only module.exports = ; and there are no lifecycle scripts. Its sole effe...

6.1AI score
Exploits0References2
HackRead
HackRead
added 2026/05/31 2:54 p.m.18 views

27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens

A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeover risks...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/26 9:10 a.m.19 views

MAL-2026-4795 Malicious code in massive (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02d8dea3e47a2bd45fc796f33fc582956aec2be887add9672fd5eccc91c2135d Package self-describes as the 'Official Massive formerly Polygon.io REST and Websocket client,' a false rebrand claim — Polygon.io has not changed...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/05/21 12:0 a.m.13 views

MAL-2026-4208 Malicious code in mnemonic-safety-check (npm)

A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...

5.8AI score
Exploits0References17
OSV
OSV
added 2026/05/20 7:45 a.m.9 views

MAL-2026-4640 Malicious code in pino-formatter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6318f85af0cd86060232fbc606115e300e1022220ffda545f9e6c6157ef6f55 Package masquerades as a pino-pretty-style logger but performs multiple installer-harming actions when required. On import, dist/logger.js: 1 on Linu...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 5:4 p.m.12 views

Malicious code in cheaty-sync-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b192c71c59ccca1d9cc720372bd29f39eae8b5da4d572cd1e8312d6b57d6b4 cheaty-sync-bot ships a clipboard-sync CLI that hardcodes a single Telegram bot token index.js:10 owned by the package author. There is no...

6.3AI score
Exploits0References1
OSV
OSV
added 2026/05/14 7:24 p.m.10 views

MAL-2026-3755 Malicious code in chalk-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0fe2974289b691a9f5541068f2e399aecb14a719779202ff5999652ffe351db On npm install, postinstall.js runs a credential and cryptocurrency stealer against the installer's machine. It reads /.npmrc extracting authToken an...

5.8AI score
Exploits0References3
Rows per page
Query Builder