Lucene search
+L

2407 matches found

osv
osv
added 2023/01/30 10:11 a.m.12 views

MAL-2023-717 Malicious code in qb2-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ccaba51ce2f483353a479caa2c736c3ae023bf6b83eace0030e7e1853d3605bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
osv
osv
added 2023/01/30 10:11 a.m.14 views

MAL-2023-995 Malicious code in yandex-yt-yson-bindings (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ef8f5064d17e16f308f05ff124d515f803d1acfdc65fa58b4c26a8ac52041b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
osv
osv
added 2023/01/26 1:25 p.m.6 views

MAL-2023-917 Malicious code in uitk-build-tasks (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 110ea806ffdaa3d8ec8d3a6982b9fc4a07d6613b3b02f7ae5a7f35928095db0b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
ossf
ossf
added 2023/01/16 6:40 a.m.5 views

Malicious code in @balea-telefonica/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 563059871426877f31b5ba1bd33fda80482ee48032d184d83e400daf25d54b99 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
thn
thn
added 2022/05/13 12:26 p.m.31 views

Google Created 'Open Source Maintenance Crew' to Help Secure Critical Projects

Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine...

7.2AI score
Exploits0
malwarebytes
malwarebytes
added 2022/05/09 10:49 a.m.19 views

A scanning tool for open-sourced software packages? Yes, please!

The Open Source Security Foundation OpenSSF, a collective of industry leaders aimed at improving the security of open-source software OSS, recently announced the release of a prototype tool that scans for malicious packages in open source repositories. This tool, conveniently called Package...

7.6AI score
Exploits0
thn
thn
added 2022/05/02 4:50 a.m.34 views

Here's a New Tool That Scans Open-Source Repositories for Malicious Packages

The Open Source Security Foundation OpenSSF has announced the initial prototype release of a new tool that's capable of carrying out dynamic analysis of all packages uploaded to popular open source repositories. Called the Package Analysis project, the initiative aims to secure open-source packag...

1.2AI score
Exploits0
Rows per page
Query Builder