Lucene search
K

15404 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/07 6:49 a.m.9 views

Malicious code in hiqomu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f1b14ad8ceaca23c5a536740bb79e0425805fb3df3bd23448dd6cee7af377ad The package hiqomu was found to contain malicious code. Source: ghsa-malware 0bd082bac5a58a31b60a13d745e6ec55d8e49b1e4d5d17c9f3711f28e611f0de Any...

6.9AI score
Exploits0References1
OSV
OSV
added 2026/01/05 11:50 p.m.6 views

MAL-2026-926 Malicious code in auto-backup-wsl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a2df4191bfbdaa28acd42677c912064639ef3b278179beee064cd83fb5b0e11e Package performs a "backup" of files to a remote location. This functionality is clearly described, but the user has no control over the remote location where...

5.7AI score
Exploits0References10
OSV
OSV
added 2026/01/05 1:9 a.m.21 views

MAL-2026-42 Malicious code in pyrogrom (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ef643052c84683fba662eaded2786ba6fa993e69224608070ad949d4f3d0c3e4 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/02 5:21 p.m.8 views

Malicious code in pdatainstaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 671a0098c14338197a26cb64b7f5c35c0e741f3151313fff784bc7a4862ad579 Package is designed to download and execute a remote script, but the script itself seems to be broken missing or wrong URLs. It's most probably a test before...

7.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/01 11:16 a.m.7 views

Malicious code in sfnt2woff-zopfli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f372716a5cf92b41a37e0d7a83e287a41fcaca77b3cf9a324554c20a86635d8a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/26 10:20 a.m.11 views

Malicious code in yunxohang4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d338ce37d2952ccdcf9637c7dc760e409b9b046a0406e0aef49ef84d1ab6bf9 The package yunxohang4 was found to contain malicious code. Source: ghsa-malware aa3fc62cbb33b48a9dc4c66dd69e7a0ea084d25daf9ef0c90812126ac4d5f755 Any...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/19 8:44 a.m.8 views

Malicious code in elf-stats-wintry-chimney-348 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81ca968ff9d74512694f4175979de59da80fad3394cebfb3f6c09f6900309a2a The package elf-stats-wintry-chimney-348 was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/10 1:58 a.m.6 views

Malicious code in allow-deny (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 512611dc9091a6cb708a796ffa1ff4047634ff63ee34231b092411ec45e57132 The package allow-deny was found to contain malicious code. Source: ghsa-malware eacee1962bd7ee456809cbd1fec30a8feb4fe397bf9e945ff4f42a8331cab117 Any...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/03 4:30 p.m.7 views

Malicious code in elf-stats-sleighing-stocking-579 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f2697cfcf138d4632b78908e7efa407bc80e1159f5a85f376d6b52c939f9c84 The package elf-stats-sleighing-stocking-579 was found to contain malicious code. Source: ossf-package-analysis...

7.1AI score
Exploits0
OSV
OSV
added 2025/11/29 2:31 p.m.5 views

MAL-2025-191486 Malicious code in vitest-environment-jsdom-patched (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e0d8ae07807d73026bd13988c3341aecf8375b53ae436d03f80110884c5d84e The package vitest-environment-jsdom-patched was found to contain malicious code. Source: ghsa-malware...

7AI score
Exploits0References1
OSV
OSV
added 2025/11/24 11:42 p.m.5 views

MAL-2025-191426 Malicious code in simplejsonform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d512e223b9a2375fd46539f1b0434e092f755c299f20b1d054c538228d266436 The package simplejsonform was found to contain malicious code. Source: ghsa-malware fd81fbb7b9cb8cfc5e4444da9cd2d18ed54ec4b7bb741f0ad95a56ce29a5edd0...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:59 p.m.6 views

Malicious code in ids-enterprise-typings (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8d2289786c3e4396ada63a5a2651f54fc6a55d011e2b5f8acccb8aa21b11cab The package ids-enterprise-typings was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/19 1:44 a.m.7 views

Malicious code in werufgugweuiguiwergqui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b0713cad30ef783b4e799858b0b42ec77487f58a9ab6ac77c9941ee1f3bdf8b The package werufgugweuiguiwergqui was found to contain malicious code. Source: ossf-package-analysis...

7.2AI score
Exploits0
OSV
OSV
added 2025/11/17 1:25 a.m.3 views

MAL-2025-190508 Malicious code in integrator-filescrypt2025 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 023077b3a9220f828d324d3d9faa0e5dc5cf520b016163672bd5c023284e3039 The package integrator-filescrypt2025 was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in parse-array-slow-emulate-notify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79730effee3d6d0c7142b05c594c736477c5c548260feef0b81f2fa621df42c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in sanitize-hot-quick-log-byte (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21b181ef62ba0365ea1c72e8ce33e599496c5c070e8fd9690785ab4e1121f5c5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in subscription-interstellarmedium-toml-neuromorphic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94870bef41024d316470dd53ab7a4f20aa757f5e14a2b389f9389b45f02c0f32 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in halley-pm2-semantic-ui-commitlint-config-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 207baa0abd8ece63fe60c3b6ed72245a1fbd0ab7acbb419f0f280f5e15470fb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in subduction-pulsar-yaml-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fdcdd77876d0905b0625c6064e91a7bcc7cf4dd76d43162bb3a86d9a6a56da5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in emulate-await-sudo-code-grid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 754e83206c67625a2f588a8c5c27a9ffe36bc0e8ceea38941dc9bd3eab8690a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder