Lucene search
K

721 matches found

OSV
OSV
added 2026/04/29 10:0 a.m.6 views

MAL-2026-3179 Malicious code in mbt (npm)

Supply chain compromise of legitimate SAP packages published by threat actor "[email protected]" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs 4.4 KB and execution.js 11.1 MB bundled in the tarball, with a preinstall hook of "node...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/04/29 10:0 a.m.8 views

MAL-2026-3176 Malicious code in @cap-js/db-service (npm)

Supply chain compromise of legitimate SAP packages published by threat actor "[email protected]" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs 4.4 KB and execution.js 11.1 MB bundled in the tarball, with a preinstall hook of "node...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/04/29 10:0 a.m.5 views

MAL-2026-3178 Malicious code in @cap-js/sqlite (npm)

Supply chain compromise of legitimate SAP packages published by threat actor "[email protected]" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs 4.4 KB and execution.js 11.1 MB bundled in the tarball, with a preinstall hook of "node...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/04/29 8:0 a.m.6 views

MAL-2026-3158 Malicious code in apple-internal-pki-trust (npm)

Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/04/29 8:0 a.m.4 views

MAL-2026-3153 Malicious code in apple-infra-final-escape (npm)

Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/30 9:29 a.m.5 views

Malicious code in pie-docs (npm)

This package steals IP address and sent it to C&C server in preinstall hook...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/05 9:39 a.m.3 views

Malicious code in harthat-api (npm)

The package contains a preinstall hook which silently executes a malicious script with downloader functionality. This is characteristic of an ongoing North Korean state-sponsored campaign...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/05 9:39 a.m.5 views

Malicious code in harthat-hash (npm)

The package contains a preinstall hook which silently executes a malicious script with downloader functionality. This is characteristic of an ongoing North Korean state-sponsored campaign...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/05 9:39 a.m.4 views

Malicious code in call-blockflow (npm)

The package contains a preinstall hook which silently executes a malicious script with downloader functionality. This is characteristic of an ongoing North Korean state-sponsored campaign...

6.9AI score
Exploits0
OSV
OSV
added 2024/09/05 9:39 a.m.9 views

MAL-2024-8842 Malicious code in call-blockflow (npm)

The package contains a preinstall hook which silently executes a malicious script with downloader functionality. This is characteristic of an ongoing North Korean state-sponsored campaign...

7AI score
Exploits0
OSV
OSV
added 2024/09/05 9:39 a.m.10 views

MAL-2024-8843 Malicious code in harthat-api (npm)

The package contains a preinstall hook which silently executes a malicious script with downloader functionality. This is characteristic of an ongoing North Korean state-sponsored campaign...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/08/01 9:42 a.m.5 views

Malicious code in ndoe-fethc (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality. --- -= Per source details. Do not edit below this line.=-...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/08/01 9:42 a.m.5 views

Malicious code in safebs58.js (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality. --- -= Per source details. Do not edit below this line.=-...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/08/01 9:42 a.m.5 views

Malicious code in nodebs58 (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06acfd91a86ac73f0160fab5b4c198882f9f8dac8617c79b28f62ae487cbcf66 Any computer that has this package installe...

7.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/08/01 9:42 a.m.6 views

Malicious code in layout-utils.js (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality...

7.2AI score
Exploits0
OSV
OSV
added 2024/08/01 9:42 a.m.6 views

MAL-2024-7886 Malicious code in safebs58.js (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality. --- -= Per source details. Do not edit below this line.=-...

7.3AI score
Exploits0
OSV
OSV
added 2024/08/01 9:42 a.m.9 views

MAL-2024-7885 Malicious code in nodebs58 (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06acfd91a86ac73f0160fab5b4c198882f9f8dac8617c79b28f62ae487cbcf66 Any computer that has this package installe...

7.2AI score
Exploits0References3
OSV
OSV
added 2024/08/01 9:42 a.m.9 views

MAL-2024-7884 Malicious code in ndoe-fethc (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality. --- -= Per source details. Do not edit below this line.=-...

7.3AI score
Exploits0
OSV
OSV
added 2024/08/01 9:42 a.m.5 views

MAL-2024-7883 Malicious code in layout-utils.js (npm)

The package contains a preinstall hook to execute unhook.js, which has cryptocurrency stealing functionality...

7.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/25 10:39 a.m.4 views

Malicious code in harthat-chain (npm)

The package contains a preinstall hook which silently executes a malicious script with downloader functionality. This is characteristic of an ongoing North Korean state-sponsored campaign...

6.9AI score
Exploits0
Rows per page
Query Builder