3 matches found
Malicious code in qb2-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ccaba51ce2f483353a479caa2c736c3ae023bf6b83eace0030e7e1853d3605bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-717 Malicious code in qb2-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ccaba51ce2f483353a479caa2c736c3ae023bf6b83eace0030e7e1853d3605bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview qb2-core is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...