Lucene search
K

36 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/g-css-layout-api (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/19 12:0 a.m.8 views

MAL-2026-3909 Malicious code in @antv/g-base (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.8 views

MAL-2026-4063 Malicious code in @antv/li-p2 (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/01/07 11:51 p.m.3 views

MAL-2026-141 Malicious code in rt-long-form-content (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7aafc418ec6a49447f89597e76416b14a45ffa82d65fb393dc3bb91d1fca38ac The package rt-long-form-content was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/11/25 12:16 a.m.3 views

MAL-2025-191376 Malicious code in @voiceflow/storybook-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8dad09f9af7bcfdd86347fd6e8c490939feed1f44cb5632ca2098db24ddbe7b The package @voiceflow/storybook-config was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
OSV
OSV
added 2025/11/25 12:3 a.m.2 views

MAL-2025-191204 Malicious code in @clausehq/flows-step-sendgridemail (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28e11e222c60736d3fbf0e7d232067bc608dbfdcb99484a13122cd9d2acd27f7 The package @clausehq/flows-step-sendgridemail was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 11:38 p.m.5 views

Malicious code in typeface-antonio-complete (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c235d9ce1035017bbe5c1605d3915069791ed17717ac6c6aada75553b43286a4 The package typeface-antonio-complete was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/24 4:31 p.m.4 views

MAL-2025-190894 Malicious code in @posthog/taxonomy-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6160bb29593f706f1623c9cc373f06290747d183e2d495f4d0afc169252d3046 The package @posthog/taxonomy-plugin was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
OSV
OSV
added 2025/11/24 2:27 p.m.4 views

MAL-2025-190808 Malicious code in @ensdomains/offchain-resolver-contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e33729ef15689f97d628745ade2c8c9a5f42b14ff63f1f151416c9db5732c88 The package @ensdomains/offchain-resolver-contracts was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:5 p.m.5 views

Malicious code in @ahmedhfarag/ngx-virtual-scroller (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66057cb43184c7c2694b0d4a8dad8c0566a4e2aa2395e63b96637dcef1455ef3 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:5 p.m.4 views

Malicious code in devextreme-angular-rpk (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 48daa4ee53933f4f74c8a6cd7644ad441f316912aa3e282498fe602b91f2bc40 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:5 p.m.6 views

Malicious code in @yoobic/yobi (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1f973d949e3a5ae002289cfd3e93009c3a8122535b1f75f0363bd8e2c04a2548 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:5 p.m.5 views

Malicious code in cordova-plugin-voxeet2 (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96ae7ef5d43ef45901a8613d236559761bb72ca1729594ffc8b3df8200250094 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:5 p.m.6 views

Malicious code in @operato/popup (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 211d1a1f6ff1362c33afe9e1d91ae471476a624a0bc79a2ef3a1a74d7fc4189d Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSV
OSV
added 2025/09/16 9:46 a.m.3 views

MAL-2025-47225 Malicious code in @yoobic/jpeg-camera-es6 (npm)

Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...

6.8AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:50 a.m.2 views

MAL-2025-47298 Malicious code in browser-webdriver-downloader (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 01fb714365440560815380bba71421a48f96fcc47b83487acaaa72a1410c0ab5 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 4:11 a.m.3 views

MAL-2025-47273 Malicious code in @teselagen/file-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7da1a31ac60a5206e526134aa3bb58f83fa6e2d32f66cacf06f26a91de3b71f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/08 7:44 p.m.4 views

Malicious code in proto-tinker-wc (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7c28102f10f0e7abdda4eaae50e9db8edf27c3b15fe2ba6841ceb95fa907adc Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References3
OSV
OSV
added 2025/07/28 2:19 a.m.2 views

MAL-2025-6335 Malicious code in uidraftism (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57170f8a04ef1c34750c5fb4781b9af9071ce8936e4a5fc61225e5919acecf36 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/25 2:53 a.m.2 views

MAL-2025-6244 Malicious code in jet-os-detection (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae12c732362620c804ce4ff9fc2e85cd4f861a8084f6b9016fe67ce31b57c955 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder