3 matches found
Malicious code in marketplace-benchmarks (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b007173bde965cf168de7c0496ea3a257c989e5ee2c9d5bd6eb1806324eb62b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4485 Malicious code in marketplace-benchmarks (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b007173bde965cf168de7c0496ea3a257c989e5ee2c9d5bd6eb1806324eb62b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview marketplace-benchmarks is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...