Lucene search
K

6 matches found

OSV
OSV
added 2026/05/19 12:0 a.m.8 views

MAL-2026-3897 Malicious code in @antv/f2-vue (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/19 12:0 a.m.8 views

MAL-2026-3974 Malicious code in @antv/g2-brush (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.15 views

Malicious code in miz (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSV
OSV
added 2025/11/24 11:47 p.m.3 views

MAL-2025-191444 Malicious code in unsearch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98d41465f8d935a520eb2c94bb174a649b13594010fc5348246aa22a055906c2 The package unsearch was found to contain malicious code. Source: ghsa-malware b55e1abf001e324d7e6020000bca3d6bd8c1c5843767dba793bc9256f02a44ef Any...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 11:25 p.m.3 views

MAL-2025-191313 Malicious code in @silgi/ecosystem (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1476f1384de83c5e5ccae6b60fbcf5794fca7387b8904c42125a65fabab6051 The package @silgi/ecosystem was found to contain malicious code. Source: ghsa-malware e05b24c2b8b197e85ebbafbc2eef89e4b3c94f02b7519a3fe93b514a763e05...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 11:0 p.m.3 views

MAL-2025-191111 Malicious code in insomnia-plugin-random-pick (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8717488a1afc3be853313a0f8f243fa748188c0b321d8c9096182cf59bfbb1ed The package insomnia-plugin-random-pick was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
Rows per page
Query Builder