2 matches found
Malicious code in mountly-tailwind (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e398eaa72f57a4536d3bb3c64f27de01f4a1d91cf64c65f10b8949dcfb4cfb91 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...