Lucene search
K

342 matches found

OSV
OSV
added 2026/06/24 11:4 p.m.4 views

MAL-2026-6434 Malicious code in serverless-convention (npm)

The serverless-convention npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.8 views

MAL-2026-6417 Malicious code in leo-auth (npm)

The leo-auth npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.5AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.9 views

MAL-2026-6426 Malicious code in leo-connector-oracle (npm)

The leo-connector-oracle npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.10 views

Malicious code in rstreams-shard-util (npm)

The rstreams-shard-util npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.9 views

Malicious code in leo-connector-oracle (npm)

The leo-connector-oracle npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.5 views

MAL-2026-6421 Malicious code in leo-cli (npm)

The leo-cli npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.16 views

Malicious code in autotel-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1bce8c001a8e85b493ccdd8af1e3e57f3578d1026e6d5d147374b0a68467313 autotel-devtools ships bundled CommonJS and ESM artifacts dist/cli.cjs, dist/cli.js, dist/index.cjs, dist/index.js, dist/server/index.cjs,...

6.1AI score
Exploits0References11
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.12 views

Malicious code in awaitly-visualizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7f392622f2aeb9a1cd98719278777d45ea44442e6f3979175ed8d8b6f8a0389 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References24
OSV
OSV
added 2026/06/05 12:53 a.m.20 views

MAL-2026-5221 Malicious code in autotel-eventcatalog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21a008fc4c3a9bff3d0c920364ff6e56ab62ff607408a040e7e959ad3cb461d9 No concrete installer-harm evidence was identified for this package version. No lifecycle-script droppers, credential reads, hardcoded exfiltration...

6.2AI score
Exploits0References8
OSV
OSV
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5217 Malicious code in autotel-cloudflare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d324ad75e592bc93a8dc377ed5dd767a51a006b12141d0b4f33c95738b85a09 No concrete indicators of installer-side harm were identified for [email protected]. No lifecycle scripts fetching remote code, no...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.12 views

MAL-2026-5206 Malicious code in @forjacms/client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e53cc7a866c8a2316aec94a20aa737e6bdb4a71202c0f363e301219ae1291ac The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.10 views

MAL-2026-5212 Malicious code in autotel-adapters (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e39e600baede93e3a5b493d603c5fe392c561544c95611960149ac4e7b99f98 No concrete installer-harm evidence was identified for [email protected]. No lifecycle-script droppers, hardcoded exfiltration endpoints,...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.17 views

Malicious code in autotel-drizzle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed16d2715633927ef05b9b370a8d37f95581137f46144053bcb53f94430f2f33 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.13 views

Malicious code in awaitly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3b437ec90b9b48314676b67f08b3ab9a54e1d3b787aa17d668dd0459f2cf68b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.12 views

Malicious code in autotel-hono (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5d4817f36d8b16c1ecf07488650333e0cf46bf1b5f45a1a9f15079575424225 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.19 views

Malicious code in @ethlete/query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d3334de45d8864ad96963e00aa263c3c1b09678abe9317058965a2b6b026abd The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.15 views

MAL-2026-5242 Malicious code in creditcard.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d465ca657b19d32867e41b0ef3e049313241bba9db41c54c9e73d1682d7c1300 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5208 Malicious code in @forjacms/sections-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02715041554bf7c08c47813a9919c23a7adc633c39a9a794fd9eada9fcc00663 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.10 views

MAL-2026-5250 Malicious code in executable-stories-cypress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 838176fbbb9290f1ee55af50cd6e292d461f33565a675a6e965bbe50d3b6c3ec No concrete installer-harm evidence was identified in this version of executable-stories-cypress. No lifecycle hook payloads, hardcoded exfiltration...

6.2AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 5:0 a.m.15 views

Malicious code in @cap-js/openapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 243c059793e8b277fc77959046b7b064cb740d568fa53e4d30b9075660d9dab5 The package @cap-js/openapi was found to contain malicious code. Source: google-open-source-security...

5.8AI score
Exploits0References3
Rows per page
Query Builder