Lucene search
K

6063 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago8 views

Malicious code in client-cookies-agent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12870ae203f2612ab2bf9e796583acba17914cd4699909156f86c643fcf51f24 package.json declares postinstall=node index.js, which runs automatically on npm install. index.js collects host identifiers via os.hostname,...

6.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added last week9 views

Malicious code in none123s (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c28e7ef260830adb9561488c487960b12e00bd6939daf8ed8e3a239ec9530699 package.json declares a prepare lifecycle script node index.js || true that auto-executes on npm install. index.js reads canonical installer-secret...

5.9AI score
Exploits0References18
OSSF Malicious Packages
OSSF Malicious Packages
added last week11 views

Malicious code in airkey-mfa-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector addd30fd6d90110d178ea017b2968c6014dab0e8304bdfeb55b13612a75f61da Package auto-executes a preinstall script node test.js on npm install that collects username, hostname, platform, Node version, and CI flag and POSTs...

5.9AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added last week10 views

Malicious code in domains-billing-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4860726efc056e319a24e46ac4e179809cc294267679a9b8122c5205b49369f1 [email protected] executes node index.js from its postinstall lifecycle script. On install, index.js reads os.hostname and...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added last week18 views

Malicious code in @vwfs-its/sf-sac-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41fd62df844e3fba17cb6200b0c9f2ce518a630677ed96f4cf0349b2a3eb7a3d On npm install, the package's preinstall hook node index.js collects installer host identity — hostname, OS user info, output of whoami and id, shell...

6AI score
Exploits0References1
OSV
OSV
added last week8 views

MAL-2026-6972 Malicious code in @vwfs-its/sf-sac-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41fd62df844e3fba17cb6200b0c9f2ce518a630677ed96f4cf0349b2a3eb7a3d On npm install, the package's preinstall hook node index.js collects installer host identity — hostname, OS user info, output of whoami and id, shell...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added last week9 views

Malicious code in gitlens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c60743ac7b975c729e8ff8bd5310f71fce030efc3979f419f60e129921364ae7 package.json declares a preinstall lifecycle hook that runs curl https://bt8hbz0owdan31qvdap2u5b8izoqcg05.oastify.com on npm install. oastify.com is...

6.5AI score
Exploits0References3
OSV
OSV
added 2026/07/08 12:20 a.m.7 views

MAL-2026-6956 Malicious code in rio-design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed72d8256a1831ef61f01d101c9b9de21db822516cb3b61d1fffd1ef7b3bb0c7 [email protected] is a dependency-confusion attack package. package.json declares preinstall: node index.js, so npm install auto-executes...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/07 8:41 a.m.10 views

Malicious code in @higherlogic/ocfe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bbd559291bd6c2d7889aebe011bb43bef61938171904f5c9ff378f33fd9e5e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.1AI score
Exploits0References1
OSV
OSV
added 2026/07/07 8:41 a.m.5 views

MAL-2026-6911 Malicious code in @higherlogic/ocfe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bbd559291bd6c2d7889aebe011bb43bef61938171904f5c9ff378f33fd9e5e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.1AI score
Exploits0References1
OSV
OSV
added 2026/07/07 6:25 a.m.5 views

MAL-2026-6910 Malicious code in zluri-ad-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7a807f066f0255f7480ebd7d445043282260b464b0ef54a32a2d022c93bbf7 The package declares a preinstall hook node index.js that runs automatically on npm install. index.js requires os, dns, https, querystring, and the...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/07 6:25 a.m.7 views

Malicious code in zluri-ad-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7a807f066f0255f7480ebd7d445043282260b464b0ef54a32a2d022c93bbf7 The package declares a preinstall hook node index.js that runs automatically on npm install. index.js requires os, dns, https, querystring, and the...

6AI score
Exploits0References1
OSV
OSV
added 2026/07/05 8:25 p.m.5 views

MAL-2026-6761 Malicious code in gen-ai-opt-in (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3653831a01d3068b12688a9f6ae11926a1b1edde27f8f37a6c48f3f0dba99231 On npm install, postinstall.js executes automatically and collects installer host identifiers os.hostname, os.userInfo.username plus public IP/geo da...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/05 8:25 p.m.10 views

Malicious code in gen-ai-opt-in (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3653831a01d3068b12688a9f6ae11926a1b1edde27f8f37a6c48f3f0dba99231 On npm install, postinstall.js executes automatically and collects installer host identifiers os.hostname, os.userInfo.username plus public IP/geo da...

5.9AI score
Exploits0References4
OSV
OSV
added 2026/07/05 3:29 p.m.5 views

MAL-2026-6792 Malicious code in wsh4-nmp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f4958e0d564fad3efe079f48b02579eb052190951bc2ce2bf3d8bc067575c36 package.json declares scripts.postinstall = 'node index.js'. On install, index.js unconditionally POSTs installer-identifying data — the absolute...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/05 3:16 p.m.10 views

Malicious code in @adobesign/as-dev-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6752e4d30c584cb5ca6f67265c983257c1531aa306b47ec00b43ddae83fe2532 The package's package.json declares a postinstall lifecycle hook that pipes the output of whoami through curl to a hardcoded Burp Collaborator...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/07/05 3:16 p.m.9 views

MAL-2026-6760 Malicious code in @adobesign/as-dev-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6752e4d30c584cb5ca6f67265c983257c1531aa306b47ec00b43ddae83fe2532 The package's package.json declares a postinstall lifecycle hook that pipes the output of whoami through curl to a hardcoded Burp Collaborator...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/07/03 8:5 p.m.7 views

MAL-2026-6790 Malicious code in debugcli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff9ad8188112d91f0ea673971f4421ca96dc7943ba12d65c7339c1aa75c2226e The package name debugcli shadows the popular debug package, and index.js is a thin re-export module.exports = require'debug' so callers observe...

6.2AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/03 8:5 p.m.8 views

Malicious code in debugcli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff9ad8188112d91f0ea673971f4421ca96dc7943ba12d65c7339c1aa75c2226e The package name debugcli shadows the popular debug package, and index.js is a thin re-export module.exports = require'debug' so callers observe...

6.1AI score
Exploits0References7
OSV
OSV
added 2026/07/02 9:32 p.m.3 views

MAL-2026-6737 Malicious code in epic-internal-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8936b0c0d22097170c5eb02c9b183611934e59e7a3c97f94e3a269e13f0d4d5 The package.json preinstall script auto-executes on npm install and performs installer-side reconnaissance and credential theft. It collects...

6.1AI score
Exploits0References2
Rows per page
Query Builder