Lucene search
+L

967 matches found

OSV
OSV
added 2025/08/02 11:0 a.m.4 views

MAL-2025-6676 Malicious code in undeface-test-2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 69c9b501034a030dc669fcc1ae2026db2508367cac00b2b2b7e4d8df0a78ad7e The OpenSSF Package Analysis project identified 'undeface-test-2' @ 9.9.9 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSV
added 2025/08/02 9:16 a.m.3 views

MAL-2025-6737 Malicious code in newrelic-scheduler (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 283d0b11edc13929f769d9072e403ef35901c2c26167edbfadb2573cbadaa850 The OpenSSF Package Analysis project identified 'newrelic-scheduler' ...

7.3AI score
Exploits0
OSV
OSV
added 2025/08/02 7:28 a.m.3 views

MAL-2025-6674 Malicious code in undeface-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cb90f4f82fed4d59ca2dcb3a39b4b93866778f4f52ae780393bdcf08e389be03 The OpenSSF Package Analysis project identified 'undeface-test' @ 9.9.9 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSV
added 2025/08/01 8:58 p.m.3 views

MAL-2025-6673 Malicious code in cerberux (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5695d0b2f501364a21975ae94641cd4afe53e8728199b018ebcea405011d9485 The OpenSSF Package Analysis project identified 'cerberux' @ 3.0.0 np...

7.3AI score
Exploits0
OSV
OSV
added 2025/08/01 3:10 p.m.3 views

MAL-2025-6671 Malicious code in @usaa-grp-payments-web-experience/bk-acknowledge-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b56c4b39f3ee1932940e85cef9f0071fc46b948628c13f5588bd484de40ab42d The OpenSSF Package Analysis project identified '@usaa-grp-payments-web-experience/bk-acknowledge-module' @ 2.9.11 npm as malicious. It is...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/31 3:38 p.m.8 views

MAL-2025-6385 Malicious code in icare (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4ae62dc64a37956f3444013e4dd1287b53c4f98d5811644e41de70bea7820b31 Source: ossf-package-analysis 5ef3fd9f7c979ad17316b55bd4b33311a8afc4966f82955133c709fef2b53e84 The OpenSSF Package Analysis project identified 'icare' @...

5.3AI score
Exploits0References1
OSV
OSV
added 2025/07/31 7:35 a.m.5 views

MAL-2025-6753 Malicious code in rca-url-adaptator (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8a4c404a67ab59319cbe0468f8814fdb2d770576ff6c1e58b816b178705447f3 The OpenSSF Package Analysis project identified 'rca-url-adaptator' @...

7.3AI score
Exploits0
OSV
OSV
added 2025/07/30 10:19 a.m.4 views

MAL-2025-6787 Malicious code in flatfox-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c1abb243ceb7b5b94ca2f950d7cf27838ad4c22bc9771a0ea878af5497bfebf2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.4AI score
Exploits0References1
OSV
OSV
added 2025/07/30 5:46 a.m.3 views

MAL-2025-6348 Malicious code in resource_registry (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 167da4f9808c8b20773d1ba15c4581213f2c09eadb21944e6391a525e774d787 Source: ossf-package-analysis 97ad7e4a2d8c7feaee7f61db0f1f57c90f92b4f92d6ca258fef4bc5f5107666d The OpenSSF Package Analysis project identified...

5.3AI score
Exploits0References1
OSV
OSV
added 2025/07/29 6:5 a.m.3 views

MAL-2025-6337 Malicious code in @xcxcxxx/gsap3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dca541d25bf831300b7d0993132672911b4c5d12c94e73218858e5a6d458af4a The OpenSSF Package Analysis project identified '@xcxcxxx/gsap3' @ 99.10.90 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/29 5:22 a.m.4 views

MAL-2025-6336 Malicious code in testing123kk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bebd39f4de86af5e9634fbfda5f8c97794b597b1066c2fcd32e3a2068569280d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
OSV
OSV
added 2025/07/29 12:35 a.m.4 views

MAL-2025-6329 Malicious code in momentjs-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f28c9895f79a0a36ce23a5aa43824f3819d75b0736b6650523b5f4dc6aa0babd The OpenSSF Package Analysis project identified 'momentjs-poc' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSV
added 2025/07/28 3:10 p.m.2 views

MAL-2025-6328 Malicious code in triple-equals (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d65cc69dec9f320438a4209e4c952480d78b96c779a019b6a09c04499b9e3edc When imported, the package attempts to exfiltrate environment variables and basic user info --- Category: MALICIOUS - The campaign has clearly malicious intent...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/26 11:15 a.m.4 views

MAL-2025-6255 Malicious code in redux-probe-unknown-action-rce (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d273d8be87dc1aaa71222024d9f545d4ec9bde08234f27b0c9c81f6dd8c86721 The OpenSSF Package Analysis project identified...

7.3AI score
Exploits0
OSV
OSV
added 2025/07/26 10:22 a.m.3 views

MAL-2025-6327 Malicious code in react-nodes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f859f678cb85445cc8d486c034c1a9de313c92e4485d8dc546bab5be2823b71 The OpenSSF Package Analysis project identified 'react-nodes' @ 4.0.1 npm as malicious. It is considered malicious because: - The package execut...

7.4AI score
Exploits0
OSV
OSV
added 2025/07/26 7:54 a.m.3 views

MAL-2025-6249 Malicious code in @grafanacloud/test-utils (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 86fad9166303d847c44fd5532ddf9f11a1b00f4d412bdde3435415be2bdd4b5e The OpenSSF Package Analysis project identified...

7.3AI score
Exploits0
OSV
OSV
added 2025/07/26 1:36 a.m.3 views

MAL-2025-6248 Malicious code in foundry-jupyter-extension (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8114162af3676e6c75f96e1dc953dae363e41fab4e9b3ce75a84b261aece0113 Installing or importing the module triggers exfiltration of environmental variables --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

7.3AI score
Exploits0References1
OSV
OSV
added 2025/07/25 5:45 p.m.2 views

MAL-2025-6241 Malicious code in budoux-extension (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b648f8e2f3161c2d499b10cce27dfd7bc034fc56857168b74c85c0dd29d03fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/07/24 4:0 p.m.2 views

MAL-2025-6321 Malicious code in ui-data-layer (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8a48f1cd7920a46266b710e80c45543e765af5de9e2944c114bf249efe69ce17 The OpenSSF Package Analysis project identified 'ui-data-layer' @...

7.3AI score
Exploits0
OSV
OSV
added 2025/07/24 3:1 p.m.4 views

MAL-2025-6224 Malicious code in google-protobuf-conformance (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8c56504427d8d150c02bac6d80c813025eafa11c3ed21419e5a3ce13a6c11ca6 Any computer that has this package installed or running should be considered...

7.2AI score
Exploits0References1
Rows per page
Query Builder