GHSA-V95X-H953-X7FG Malicious Package in k0a_multer

This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server. Recommendation Remove the package from your environment. There are no indications of further compromise...

Malicious Package in js-base64-int

This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server. Recommendation Remove the package from your environment. There are no indications of further compromise...

GHSA-WWWG-6R7F-9C9H Malicious Package in file-logging

This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server. Recommendation Remove the package from your environment. There are no indications of further compromise...

GHSA-59X8-7WX6-4HJ9 Malicious Package in secure_identity_login_module

All versions of secureidentityloginmodule contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored...

Malicious Package

antd-cloud is a malicious package. The package uploads system information to a remote server, downloads a file and executes it...

Malicious Package

hpmm is a malicious package. The package retrieves system information and uploads it to a remote server. It also downloads a file from a malicious server and executes it...

Malicious Package

Overview All versions of qingting contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

Malicious Package

Overview All versions of hsf-clients contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on...

Malicious Package

Overview All versions of calk typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...

Malicious Package

Overview All versions of eact typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...