Lucene search
K

257 matches found

OSV
OSV
added 2026/04/25 6:5 p.m.6 views

MAL-2026-3055 Malicious code in @apple-pay-trust/validate-merchant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04e899c9f267696289778cbf0c2c4f8da289e47bb3bce95ffa4fa4e3fe290722 The package @apple-pay-trust/validate-merchant was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/25 5:35 p.m.12 views

Malicious code in apollo-landing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47cb6abcb11f6d62fb52ef331d93bf4c2d5faacb9a4f91386aa6fb06e03b7bef The package apollo-landing was found to contain malicious code. Source: ghsa-malware ed937449ad5ded3d0430063ec8da96faa5c685d89f612418710856e92d1b6438...

5.8AI score
Exploits0References1
HackRead
HackRead
added 2026/04/13 12:51 p.m.15 views

OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures

OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems...

5.8AI score
Exploits0
OSV
OSV
added 2026/04/11 9:20 a.m.3 views

MAL-2026-2553 Malicious code in paysafe-payments-sdk-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e93e9be8a06ed53e5f7b88d33e9f020bf96f51c343c2ffe9bd620bc498c011bf The package paysafe-payments-sdk-common was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/05 7:40 p.m.3 views

MAL-2026-2493 Malicious code in cloudera-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24e0a829db4a908047174ccb540d590c9df780c994d9ecc1b1705247f89612de The package cloudera-poc was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/02 12:10 p.m.5 views

Malicious code in bytefrontier-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a556a5a46fe4be2c1c7662a6481c9086b192375a17d4dcdccfbe52564ed78571 The package bytefrontier-tracker was found to contain malicious code. Source: ghsa-malware...

5.9AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/01 7:20 p.m.5 views

Securing the open source supply chain across GitHub

Over the past year, a new pattern has emerged in attacks on the open source supply chain. Attackers are focusing on exfiltrating secrets like API keys in order to both publish malicious packages from an attacker-controlled machine as well as gain access to more projects in order to propagate the...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/29 10:45 p.m.8 views

Malicious code in bos-decoration-elements (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cb5985779c5099333bec5b084b209c36dea0dd9fa47ef2c2d7c3630c33daaa5 The package bos-decoration-elements was found to contain malicious code. Source: ossf-package-analysis...

5.9AI score
Exploits0
OSV
OSV
added 2026/03/24 2:26 a.m.8 views

MAL-2026-2123 Malicious code in yelp-mobile-site-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ad1d645e8b5f71c1d74bd3c213319d6674345796d462ed0e53a87c084f07a84 The package yelp-mobile-site-common was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/22 5:55 a.m.3 views

MAL-2026-2022 Malicious code in @mesh-components/card (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c96d53100e05047008977d25b2800e9da6e1d83f42874dcf6be5ed4144d3d83 The package @mesh-components/card was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 11:44 a.m.8 views

Malicious code in delphoi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72f68bb459a4772a75900ddec7e0a918b514f2211a2303aa80ef82252078e3b6 The package delphoi was found to contain malicious code. Source: ossf-package-analysis c15c8182b6e392861478887a08b04eb8fecc38b70000313dfaf1cad8ac8bc8...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/03/17 4:0 p.m.8 views

Investing in the people shaping open source and securing the future together

Open source has always been about community. It's about maintainers who review pull requests late at night. Volunteers who respond to security reports from strangers. And communities that quietly power the world's software. The reality behind the commits is that maintainers get stretched thin. Th...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/26 1:41 p.m.9 views

Malicious code in jslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11f2fdea43a54f2aac247e06fcc46c506979a5b1ccb5d178077662e61f747b74 The package jslint-config was found to contain malicious code. Source: ghsa-malware bddd0b74c730da3b118b7ef92befbc93b4b1379cc23ce7535e843151a84ae957...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/02/20 11:40 a.m.4 views

MAL-2026-996 Malicious code in rubocop-vintedmetrics (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c8e90dd88f71e05719940997342cf6a367387fc68045f091a864d8f8e7e62be8 The OpenSSF Package Analysis project identified 'rubocop-vintedmetrics' @ 9.9.12 rubygems as malicious. It is considered malicious because: - Th...

5.5AI score
Exploits0
Circl
Circl
added 2026/02/12 12:25 a.m.5 views

GHSA-CFH3-3JMP-RVHC

creationtimestamp| type| source ---|---|--- 2026-02-12 00:25:06+00:00| seen| https://seclists.org/oss-sec/2026/q1/162 2026-02-12 04:10:06+00:00| seen| https://gist.github.com/alon710/8164d166b74f218576799553a77db1a5...

5.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/05 9:21 p.m.8 views

Malicious code in ethers-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 315365a10d9e3322792c18bdb8c5a8e620bbcc2a9ad8d5a1d5ef139ef6e47777 The package ethers-lint was found to contain malicious code. Source: ossf-package-analysis...

5.4AI score
Exploits0
Circl
Circl
added 2026/02/05 2:48 a.m.8 views

CVE-2026-1642

creationtimestamp| type| source ---|---|--- 2026-02-05 02:48:12+00:00| seen| https://seclists.org/oss-sec/2026/q1/144 2026-02-05 14:55:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3me4nhuumkx2q 2026-02-06 01:50:05+00:00| seen|...

8.2CVSS7.4AI score0.00339EPSS
Exploits0References11
OSV
OSV
added 2026/02/04 5:25 a.m.4 views

MAL-2026-717 Malicious code in partnerss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c370b0dbfdf4006f77ab698296da5eef2bb1a5ca43e91b932711518a3a0b8c5c The package partnerss was found to contain malicious code. Source: ossf-package-analysis...

5.3AI score
Exploits0
Circl
Circl
added 2026/02/02 3:57 p.m.6 views

CVE-2026-1580

creationtimestamp| type| source ---|---|--- 2026-02-02 15:57:33+00:00| seen| https://seclists.org/oss-sec/2026/q1/140 2026-02-03 13:56:04+00:00| seen| https://bsky.app/profile/kubernetes.dev/post/3mdxjahavgy2p 2026-02-03 16:06:04+00:00| seen|...

8.8CVSS7.6AI score0.00485EPSS
Exploits0References9
Circl
Circl
added 2026/02/02 3:57 p.m.4 views

CVE-2026-24513

creationtimestamp| type| source ---|---|--- 2026-02-02 15:57:33+00:00| seen| https://seclists.org/oss-sec/2026/q1/140 2026-02-03 13:32:38+00:00| seen| https://hachyderm.io/users/ChrisShort/statuses/116006948523068049 2026-02-03 13:32:39+00:00| seen|...

3.1CVSS7.6AI score0.00278EPSS
Exploits0References8
Rows per page
Query Builder