Lucene search
K

1755 matches found

OSV
OSV
added 2026/07/06 12:0 a.m.6 views

MAL-2026-6944 Malicious code in zredis-typed (npm)

zredis-typed is a malicious npm package and part of the multi-wave "forge-jsx" cross-platform RAT campaign Wave 4. It was published by npm account 'donimique' [email protected]. The package.json description 'Node.js integration layer for Autodesk Forge' and the bundled README.md literally...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/30 4:18 p.m.9 views

MAL-2026-6687 Malicious code in procwire (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011cf28d546459d946b1ed6d92c3beb4cb7c5322d6a9370d52fcd40e9a81ac2f On Windows, installing [email protected] automatically downloads and executes an attacker-controlled executable. The package.json preinstall script runs...

6.3AI score
Exploits0References3
OSV
OSV
added 2026/06/29 4:53 p.m.6 views

MAL-2026-6635 Malicious code in @orbis-lr-sdk/orbis-lr-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 447ee314f32023031250cefe4570378f31d8055a02384eccecb5c288ae6e2405 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/29 4:50 p.m.5 views

MAL-2026-6622 Malicious code in @gallup/pc-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eca755b4cbe794ce9b1389cff974fb13df6325eeb2eb658ca64a7bb7ee734b8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/29 4:44 p.m.7 views

MAL-2026-6669 Malicious code in pvd3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c992d4bd87c36aa389d168c263ca0b89c04b425b0483217ae1098a0c2f3ee10 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/29 4:32 p.m.5 views

MAL-2026-6658 Malicious code in bundrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f853223051c1cb68bc005b827209cb844bcde568473a9ff819fb34fccb042d74 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/18 10:29 p.m.16 views

MAL-2026-6142 Malicious code in db-connector-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0b028ed25796b267dc7df004e294b917a05c2e5fdd76e2540530b8c179843c6 [email protected] impersonates the legitimate dx-db-connector package divbloxjs; package.json's repository/homepage point at the divbloxjs proje...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/12 2:32 p.m.18 views

Malicious code in sea-bound-siren (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd5f2d5cc691968b1bb69f12ea7476c618f6432b42976869906df06312b912c0 On npm install, postinstall.js executes a shell pipeline that collects the output of id, os.hostname, the full process environment env | sort, the...

5.4AI score
Exploits0References24
OSV
OSV
added 2026/06/11 1:54 p.m.9 views

MAL-2026-5664 Malicious code in @tribe-digital/shopify-starter-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d20022a66a46ee0bc6a944946691b3746c8e0262e00b90891bd6ef26519e8a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/10 5:11 p.m.14 views

MAL-2026-5519 Malicious code in requests-toolbelt-plus (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38c64ca050de4910f56bc4a652890b0a378082859cb62153762c6ae08b4b8eae The package impersonates the popular requests-toolbelt library but ships an empty requeststoolbeltplus/init.py and places its real logic in setup.py...

6.1AI score
Exploits0References5
OSV
OSV
added 2026/06/09 3:10 p.m.10 views

MAL-2026-5384 Malicious code in enquriers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c7f041bb6800c0c765683543b18f204299e64265c3d9124c54f7f0169b53348 Package name 'enquriers' closely resembles the widely-used 'enquirer' package transposed/added characters, suggesting potential name-confusion risk. ...

6.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:29 a.m.12 views

Malicious code in void-ulid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17c8bf4c8a22f2c86dcf8af482d28d5fccfc1d5971289e4f06afedc17c0585a9 void-ulid impersonates the legitimate ulid/ulidx ULID generator its package.json reuses the upstream github.com/ulid/javascript repo URL but ships a...

5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview nottuff18 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/01 12:0 a.m.15 views

Malicious code in @redhat-cloud-services/frontend-components (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 10:3 p.m.17 views

Malicious code in tailwind-smooth-slider (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b613524a54cbd80614c087930d4df2de524b7a594cadc3469723bb38e5cc8516 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/26 9:3 a.m.21 views

MAL-2026-4789 Malicious code in ggk-happy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d747cc7acd8bbc1defbf475aa3202fd332fd43135a6fedddfcc37356ce02eb54 Package presents itself as the legitimate slopus/happy CLI README instructs npm install -g happy; homepage, repository, bugs, and author fields all...

6.6AI score
Exploits0References11
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 1:48 p.m.15 views

Malicious code in itc-actors-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22687e1f7601dde1753d3775925d62d040892631394937e56e9b9fba74fb85c6 The package contains callback.js which collects host identifiers and user information os.hostname, os.userInfo, os.platform, cwd and transmits them v...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/20 8:33 a.m.9 views

MAL-2026-4196 Malicious code in pinno-loggers (npm)

pinno-loggers is a malicious npm package that depends on terminal-logger-utils and triggers the malicious behavior in that package when installed or imported. The terminal-logger-utils payload executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper downloads a...

5.9AI score
Exploits0References1
Snyk
Snyk
added 2026/05/18 9:0 p.m.10 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

9.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2026/05/15 10:43 a.m.11 views

MAL-2026-3793 Malicious code in simple-date-diff-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb5f213f91d456c5ac949bf0995ee5310b944a9bf102b429edec11a99cfb6bf The package simple-date-diff-utils was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
Rows per page
Query Builder