2407 matches found
Malicious code in iconfront (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 240c513249651d31b1c1f7e2f4d53fed69736ccbcd996a72e62ee73750bb868a The OpenSSF Package Analysis project identified 'iconfront' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in mm-docs-v-2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e164ce9b5bafc633c26d087af362bfe0ae909af588fc1b193b9c79f3b956c030 The OpenSSF Package Analysis project identified 'mm-docs-v-2' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-1238 Malicious code in mm-docs-v-2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e164ce9b5bafc633c26d087af362bfe0ae909af588fc1b193b9c79f3b956c030 The OpenSSF Package Analysis project identified 'mm-docs-v-2' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-324 Malicious code in fancode-fc-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c5bd5aa57b0f9638d8098a61906b348c1879d48c34ca8bebcad3a1a01d8de4b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-921 Malicious code in uploadcare-tinymce (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a639188015774141a6e7828027fb105771e51cf101e48ebab5dc6d652e63ed92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in gd-login (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 190b8c40ae199e301f0ec2e1364caac0d49271c7fd8cc7ea7192502f06e2945c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-177 Malicious code in cirrus-matchmaker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 086ee48f51dc34391e9a296e791f83f5fad1d81e111f0ef00e0691d1f7b313ee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-560 Malicious code in kuna-chart-header (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7b6783077178ab41482bc0e611e487453d9b0254e1e1ad5684b89472b002b2b4 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
MAL-2023-34 Malicious code in @chegg/wtai-upload-widget (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed3e4233e6f2d188d7f2bab940bf8574017cf73a97b440daddc7f4e3176075a3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-530 Malicious code in instantsearch-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a27501212cebbbed635898a691dbc8dedd8d342d3c41666ab78875dc496daca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in nayduck (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb0f8f1fb55d7c0ab3534b324088d7e45c50a528a69143855696fd38a053e03f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-616 Malicious code in nayduck (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb0f8f1fb55d7c0ab3534b324088d7e45c50a528a69143855696fd38a053e03f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-823 Malicious code in swisspost (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74d696737991f359ea326bffe6ff2cc67a2dda5953c0181554663abd6685b024 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-813 Malicious code in statfacepy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 373eb896ca8e023347b915995e171ecd304adbde8fc02c732629fea27470cdc5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-716 Malicious code in python-tdigest-bindings (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5764e30c8f0fdecc8d1be71c4590440c7433bd9ff7ad6d0dad7d32eb41764303 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ticket-parser2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee92fd5b97c5234a0a301b915037b0f7285c820216158c9bef86dc7c08e16661 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-811 Malicious code in startrek-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 677916f3c3652c9c9adf72499bd52d0411e53c57df7ff1a301df7dfb9d64474d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-265 Malicious code in django-yauth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae070c20f7fe6b1fb2f0563cc58a8822e6631547876b18e72e32ebee1a7afdb6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-263 Malicious code in django-pgaas (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af2de826396a82e1611c1de3d77a409bafde0f0f0cc57a5623b149b90a48d3e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-717 Malicious code in qb2-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ccaba51ce2f483353a479caa2c736c3ae023bf6b83eace0030e7e1853d3605bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...