Lucene search
K

13 matches found

OSV
OSV
added 2026/03/16 12:0 a.m.2 views

MAL-2026-1552 Malicious code in typescript-nhost (npm)

The package 'typescript-nhost' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.6AI score
Exploits0References3
OSV
OSV
added 2026/03/13 6:47 a.m.3 views

MAL-2026-1394 Malicious code in dell-emc-internal-api-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79b1c68a3106c50c73d1ede904d8c6fe7b41466a0e619e50c0935a7988293740 The package dell-emc-internal-api-drzak was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/01/27 8:11 a.m.3 views

MAL-2026-536 Malicious code in morgan.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34775085e6638773de4ccac41092ae9954c9889f2c2a7bcd7cb7909375b53c4c The package morgan.js was found to contain malicious code. Source: ghsa-malware 6d6ee3da39907b410bc3a7d0baf6736a9c9c2f1c770a6e749c5ad2119c848d9f Any...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:52 p.m.6 views

Malicious code in better-auth-nuxt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63a2c1f5ccee32dc0e1c83e0664d434add6b894caa54c57f137fe0367cba558f The package better-auth-nuxt was found to contain malicious code. Source: ghsa-malware 14fe0837bf9131779e90c6a1e8530acbe2d811b2df09dfa25d2d86c5a151c0...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/29 2:5 a.m.4 views

Malicious code in react-content-parser (npm)

The package react-content-parser was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed262514ac58c1f13a4761aa92199769727342ebbd70431d112061e34da94a00 Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/10 1:16 p.m.4 views

Malicious code in arjvg (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1cd64f189589f89a129472b58fe6cdad30ec47b3cbbefc805f31d335ed8cac98 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/17 6:38 a.m.3 views

Malicious code in coinstore (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 286d8b6ab8cdb3aa670b6e20e27a75655c4e1aa96479e07e1684ef09ef31f7d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/07 6:7 a.m.4 views

Malicious code in nebulagl-h3-hexagon-editing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bbf7cb7b134f7a3699367939a1d01f6863a30cbc599d8973b3c57509cd51c9b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/02 1:42 a.m.3 views

Malicious code in @diotoborg/deleniti-culpa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 709e7a8654939a05b3508e1266e8a2a470b3f938538ef07535b83af5c11fd97f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/01/24 8:23 p.m.3 views

Malicious code in wlwz-2312-0503 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2528f7fdcd919b81bed24c3e42cba6af77ddd0fd4e6da4269e35083c59b5cdd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/08/19 3:55 a.m.4 views

Malicious code in lodashflten (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a574b0dd7d9fa669eca905bf516803490c0650204242587358e67314a6c95259 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/11 8:30 p.m.2 views

Malicious code in wqhkjmnfyegalzdp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c33e5cc162fed20152e435c99988ee7d7ce757a3ce31b8d4aa0861eb9157f5f1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:18 p.m.2 views

Malicious code in dnsteszt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8de7f8e3f686410c606a317dfc618522fd396da7f3140a99b643e1cb510fb799 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Rows per page
Query Builder