Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

168 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 6 days ago10 views

Malicious code in hardhat-evmchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f369bb56919b0bda50e063229cfaf0fd1b0481d62c6d5fbdf90eb6e5cd6ac6e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 6 days ago8 views

Malicious code in tailwind-smooth-slider (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b613524a54cbd80614c087930d4df2de524b7a594cadc3469723bb38e5cc8516 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/12 12:22 a.m.6 views

Malicious code in @squawk/navaids (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb4f88ca950b4d0ba1fb9666f866d8c742a9b0aeeb2657fadae9ed5dcd30359c The package @squawk/navaids was found to contain malicious code. Source: ghsa-malware 62f878f444def0ffdccd14f64cba4ee46bf960745aefb09d0c0ee16ed5ded86...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/12 12:21 a.m.5 views

Malicious code in @tanstack/router-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44bca8f9294a1b6c949228c6741851305336a0b694ce00617c6fcd4b220c30a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/03/20 4:48 a.m.3 views

Malicious code in woltpickerapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a6352ffe541b2fd35eb37ebb5dbdc78f1f57a51d31b36c6fcae39d21f97c594 The package woltpickerapp was found to contain malicious code. Source: ghsa-malware b0c8234f6a72b4da77be49eb19f15dc41dd1d94b6b8b9bc4bffd3ef9ddb4316b...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/03/16 12:0 a.m.3 views

Malicious code in vue-scoped-css (npm)

The package 'vue-scoped-css' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/03/16 12:0 a.m.2 views

Malicious code in lit-a11y (npm)

The package 'lit-a11y' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...

5.5AI score
Exploits0References3
OSV
OSVadded 2026/03/05 4:0 p.m.2 views

MAL-2026-1253 Malicious code in pear-apps-utils-date (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65df5bee974b55dfd58d5816e480664604e9d8b3bf6a7c27c22b92aefeaca124 The package pear-apps-utils-date was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/03/02 2:21 a.m.7 views

Malicious code in mqttoken (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aca93be8c1540d3f53af3e84ab54ac100f00390a05d10931f80ca2941beeb39 The package mqttoken was found to contain malicious code. Source: ghsa-malware c91a888cf7be32a16813cf296ec094ba2d56bf4706c030246a92f686bac1ea2c Any...

5.7AI score
Exploits0References1
OSV
OSVadded 2026/02/13 2:1 p.m.2 views

MAL-2026-883 Malicious code in ecosystem_ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4987a955f090814c8e125cdaca051b7d106fc4e853cc4e45bc253fbb444f8d94 The package ecosystemui was found to contain malicious code. Source: ghsa-malware 31a22a7e3ce76544adef6885be748f17910483d02a1f19395a520b918516ea63 An...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/02/13 1:50 p.m.7 views

Malicious code in console-style-pro0o0o0o (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fe7407a5523ef7efe6bec615d9601fe978b9e5de59d19d7e8e2ff054c5e09e9 The package console-style-pro0o0o0o was found to contain malicious code. Source: ghsa-malware...

5.6AI score
Exploits0References1
OSV
OSVadded 2026/02/05 1:7 a.m.3 views

MAL-2026-750 Malicious code in dspmobile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcd390d34dbfd7246c65b551f8b71dfaba4b78fa438e818cab41a0ea35716c21 The package dspmobile was found to contain malicious code. Source: ghsa-malware 73466b34e7f0da321f410baa9db15370fbf0563af429ef587315608e3507f2b6 Any...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/02/04 5:18 p.m.5 views

Malicious code in @msecscc/gaia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35c005bdb108aca2e4bc9842086fa98dd73b442764e4e7814fd6e7a9fa7010dd The package @msecscc/gaia was found to contain malicious code. Source: ghsa-malware 5186ac1e518b181d1e03469aa042d8dddefbe3345b3c85d5b795ed329e5c3a73...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/02/03 7:22 a.m.6 views

Malicious code in kwp-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff8db163baaddfa00a5ad4be917d7b8147bbc3b1b0807694614ab14ebac6c431 The package kwp-analytics was found to contain malicious code. Source: ghsa-malware 57994b2b00321595177d73893abdd66ed3fdbe0f5ff0a7565c59efb6126d9e7a...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/01/21 4:34 a.m.4 views

Malicious code in anthropic-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49a0221a103a31cc2bf5e4f6c7d5fc7e0a8cbb2128d06aafe849e2c0df492fa8 The package anthropic-sdk was found to contain malicious code. Source: ghsa-malware fb69378ea2c4bf83cabc021e0e00f2cc8f87b8d9ddfd536f6e0285d10dbf4daf...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/01/12 1:59 a.m.4 views

Malicious code in pinecone-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c597ee3d643e51ba6eca0553a77be1c79a3e5dc72d8450b09b7f405a558d2d56 The package pinecone-js was found to contain malicious code. Source: ghsa-malware 0e6ef1006a92156684ab8d3e78ab8e036d4c27f591eba5212441a68be8231a66 An...

6.9AI score
Exploits0References1
OSV
OSVadded 2025/12/30 4:12 p.m.2 views

MAL-2025-192965 Malicious code in awsmcc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2a7b489d8af5f0c06c47b310c02a653edcfa6b8e32f0240de8b9b458a25ca20 The package awsmcc was found to contain malicious code. Source: ghsa-malware df5248366fb710499bb8e8e68e608e462aae6607213972d97afe020f85397b0e Any...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/12/16 7:27 a.m.2 views

Malicious code in tailwind-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50a9b7a9c02e83e0b4145dc9caaa9d04b407a199ae5d54b9f544f91397980966 The package tailwind-variables was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/12/16 6:26 a.m.3 views

Malicious code in elf-stats-nutmeg-sleigh-350 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4e43446814eeb05f58979f02ff96534374a9f069055bcc5f5f97425254b0817 The package elf-stats-nutmeg-sleigh-350 was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/12/12 6:36 a.m.4 views

Malicious code in kashif-mallah-fca (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3015dc78458d21da40c01cf159c54f0298cd4ce7ea2604eecc18a7ea906cdd The package kashif-mallah-fca was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
Rows per page
Query Builder