Lucene search
+L

116 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 1:12 p.m.13 views

Malicious code in optional-cpu-features (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dbbb7dd9c604ef3e5782d477d4db7c04c50f7906b19af03e63a540e0a44166e On npm install, both the install and postinstall lifecycle scripts run node install.js, which requires lib/sync.js. That file hardcodes BASE =...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/06/11 1:12 p.m.13 views

MAL-2026-5642 Malicious code in optional-cpu-features (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dbbb7dd9c604ef3e5782d477d4db7c04c50f7906b19af03e63a540e0a44166e On npm install, both the install and postinstall lifecycle scripts run node install.js, which requires lib/sync.js. That file hardcodes BASE =...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 5:0 a.m.17 views

Malicious code in @tonsdk/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9a9a70e3d8b322df960cb96b195f74693eb4d2ea284680e4cfb41a33f1848f8 @tonsdk/core impersonates the legitimate @ton/core TON blockchain SDK. On npm install, scripts/postinstall.js executes automatically and performs two...

6.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 4:49 a.m.13 views

Malicious code in js-crypto-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9d677e45bee46911d04564e9260f4b569119a4ca0a13a58bcd43760359fbb4f The package's prepinstall.js script base64-decodes a hidden URL stored in a constant misleadingly named HASHKEY decoding to...

6.3AI score
Exploits0References2
OSV
OSV
added 2026/06/11 4:49 a.m.11 views

MAL-2026-5569 Malicious code in js-crypto-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9d677e45bee46911d04564e9260f4b569119a4ca0a13a58bcd43760359fbb4f The package's prepinstall.js script base64-decodes a hidden URL stored in a constant misleadingly named HASHKEY decoding to...

6.3AI score
Exploits0References2
OSV
OSV
added 2026/06/11 3:14 a.m.28 views

MAL-2026-5549 Malicious code in @403name/fsevent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f86ca4502cc824c3684e8f1e08b088b974b4339829461b50d45e3fbc6f808eb On require, index.js runs an IIFE that gates to macOS, skips when CI or GITHUBACTIONS is set, waits 30-90 seconds, and writes a one-shot marker at...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/10 6:46 p.m.16 views

MAL-2026-5526 Malicious code in chai-check-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e290b42de2cbd4aa74afa6550fc9a0381dfcb0f6996dcdc22254268b391f9f8 [email protected] impersonates the legitimate chaijs/check-error utility copied README, author metadata, repository URL, and exported API surfac...

5.6AI score
Exploits0References5
OSV
OSV
added 2026/06/09 9:31 p.m.12 views

MAL-2026-5488 Malicious code in react-pinojs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db767edd3581eec08793cb669f0ec59351e61f31501b6d4287b86baea512bb63 Package impersonates the popular pino logger homepage points to getpino.io, description mimics pino's tagline and executes a remote-code-execution...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/09 7:34 p.m.17 views

PYSEC-2026-207 durabletask 1.4.1, 1.4.2, and 1.4.3 contain malicious code distributed via a compromised maintainer account

durabletask versions 1.4.1, 1.4.2, and 1.4.3 were published on 2026-05-19 within a 35-minute window through a compromised PyPI maintainer account and contained malicious code. On import, the package fetched a remote payload rope.pyz from an attacker-controlled host and executed it. The payload wa...

5.8AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 3:59 p.m.14 views

Malicious code in @sqlite-node/createsql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f6f2c4e3192b71fc68681fbb8c8216a5e581e9f2baaa13954172249a8ddf5b6 The package advertises itself as a SQLite toolkit but ships no SQLite functionality. Its main entry index.js is a single heavily obfuscated module...

6.1AI score
Exploits0References17
OSV
OSV
added 2026/06/09 3:59 p.m.11 views

MAL-2026-5396 Malicious code in @sqlite-node/createsql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f6f2c4e3192b71fc68681fbb8c8216a5e581e9f2baaa13954172249a8ddf5b6 The package advertises itself as a SQLite toolkit but ships no SQLite functionality. Its main entry index.js is a single heavily obfuscated module...

6.1AI score
Exploits0References17
Snyk
Snyk
added 2026/06/05 8:7 p.m.16 views

Malicious Package

Overview moustick is a malicious package. This package contains malicious code that fetches and eval a remote payload from attacker-controlled URL https://www.jsonkeeper.com/b/MYUKZ on require in moustick/index.js. The payload is designed to extract RELAYERPRIVATEKEY and JWTSECRET from the victim...

9.8CVSS5.6AI score
Exploits0References2
Snyk
Snyk
added 2026/06/05 8:7 p.m.11 views

Malicious Package

Overview cookie-parser-legacy is a malicious package. This package contains malicious code that uses another malicious package moustick Snyk Advisory as a dependency to fetch a remote payload from attacker-controlled URL https://www.jsonkeeper.com/b/MYUKZ. The payload is designed to extract...

9.8CVSS5.6AI score
Exploits0References2
OSV
OSV
added 2026/06/02 12:0 p.m.25 views

RUSTSEC-2026-0155 `exploration` was removed from crates.io for malicious code

A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Kirill...

5.9AI score
Exploits0References2
RustSec
RustSec
added 2026/06/02 12:0 p.m.14 views

`exploration` was removed from crates.io for malicious code

A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Kirill...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.10 views

Windows BITS Persistence Tool

This script implements a BITS-based persistence mechanism with an embedded HTTP server and remote payload delivery for Windows...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.25 views

PT-2026-48942

A method within the exploration crate attempted to download and execute a payload from a remote site. The malicious crate had 1 version published on 2026-06-02, approximately 1 hour before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Kirill...

5.6AI score
Exploits0References3
OSV
OSV
added 2026/05/29 12:0 a.m.13 views

MAL-2026-5037 Malicious code in @t-in-one/application_id_storage_key_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.26 views

Malicious code in @cloudplatform-single-spa/virtual-ip (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.16 views

Malicious code in @cloudplatform-single-spa/clickhouse (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
Rows per page
Query Builder