Lucene search
K

4 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 8:59 p.m.13 views

Malicious code in @sudoughnym/enviro-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02c1c204d0f458d13d7140f4b7a007d551095665a418e9146037be9a5b2b7957 @sudoughnym/[email protected] ships preinstall.js and postinstall.js lifecycle scripts that run automatically on npm install. Both scripts collect...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 5:25 p.m.17 views

Malicious code in @webda-infra/search (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d3966598d25bae6a0824df09461ccbea8ad8ff22be2b3b93eab681cc733ff73 @webda-infra/[email protected] is a near-empty placeholder index.js is empty, module.exports = whose package.json declares a single dependency, ltidisafe...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/13 5:37 a.m.10 views

Malicious code in @lux2/ssr-catalogue-sfcc (npm)

Package collects system info, exfiltrates data to a suspicious IP, executes shell commands, and uses pre/postinstall scripts. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b625e0932d70166d526fb8fa4993c8c448699203e795ad308cfe52cd784b28ff The package...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/13 5:37 a.m.2 views

MAL-2026-1384 Malicious code in @lux2/ssr-catalogue-sfcc (npm)

Package collects system info, exfiltrates data to a suspicious IP, executes shell commands, and uses pre/postinstall scripts. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b625e0932d70166d526fb8fa4993c8c448699203e795ad308cfe52cd784b28ff The package...

5.8AI score
Exploits0References1
Rows per page
Query Builder