Lucene search
K

65 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 10:2 p.m.15 views

Malicious code in codex-devcontainer-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8248bf278df1e89da484099e912cdf9f8659976469a219bee14a03e2755391ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/23 12:0 a.m.13 views

MAL-2026-4277 Malicious code in dev-env-bootstrapper (npm)

Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/04/13 3:33 p.m.5 views

MAL-2026-2621 Malicious code in walmart-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4cb99836d95f651dcdf50a02819e299598fbb9e62a702601ce6fa89c3ed6ec0 The package walmart-internal was found to contain malicious code. Source: ghsa-malware 88f5dbf5cfe998f7ad3015cadd6b280accbeb5aadf15cdc7575f4f83a6f572...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/23 1:47 p.m.7 views

MAL-2026-2100 Malicious code in shakti-pwa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bdac10e664bf4e0a73263401629caf12d2ed80e3cf76f36fa18a7c2d599e5229 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 3:51 p.m.6 views

Malicious code in delta666 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb8eaa59df9b36fbda7fdbb9f429aa77b3dd4ce913b22d3e1f7991750136306a The package delta666 was found to contain malicious code. Source: ghsa-malware ed1b6c9a5c4e82e4f1f205e90a5ac9c271dccbf998e06ed81199102594e23d0f Any...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/01/20 3:57 a.m.5 views

MAL-2026-357 Malicious code in chai-bin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70584b6893352163c2a0c5341a2e577feaec7949d8719725a62e0d87e5b1d542 The package chai-bin was found to contain malicious code. Source: ghsa-malware a1636ea6e8016a1000135fcda28819cd75c13f4a95933606b7e792737fe630f0 Any...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/01/12 1:57 a.m.3 views

MAL-2026-215 Malicious code in auth-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec0897a10b33b937c04d8f134ccac05ecdfd6050bbfaffbb07cd3ade9256bd24 The package auth-types was found to contain malicious code. Source: ghsa-malware 1096a2a969c582b5029b85a0c4eb85eec4d53f96c178a1523abe0978392a139d Any...

6.8AI score
Exploits0References1
OSV
OSV
added 2026/01/06 2:33 a.m.3 views

MAL-2026-63 Malicious code in oj-sp-common-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8c112d75458c1c8c9af95739b5a983b3617fbb578a147933a3d4cab77360dc4 The package oj-sp-common-util was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/11/25 9:42 a.m.3 views

MAL-2025-191464 Malicious code in mayhem-wma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d242ed0467287371909e2fef415c86d7688c77b9a33f6b43c52d37bfc2d7fa6e The package mayhem-wma was found to contain malicious code. Source: ghsa-malware 9f00d5cfad9006d0cb83e7249554304291a746a42a2191314e1b70990e854df5 Any...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/11/02 11:50 p.m.2 views

MAL-2025-49328 Malicious code in parallel-coordinates (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57a6532ff0ec9ac1daec9c21c05c508de189c1f5d5012fc6b8aee4feb9ce2b43 The package parallel-coordinates was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/29 10:46 p.m.5 views

Malicious code in bernie-plugin-datadog-rum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0197846dec97a3a236eb5ede3d773adb5c175e3a2e0a497138424270d1610d9a The package bernie-plugin-datadog-rum was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/10/09 9:6 p.m.2 views

MAL-2025-48216 Malicious code in redirect-sr2min (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 398493b4ccdee71bf59ddce4b7e65c0cb03aaac407524377ebda89df58587409 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:28 a.m.4 views

Malicious code in @openzeppelin-compact/compact (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8318ee6c50491086374edce68740eb2b1f5827840f0dfd1d428881cfb50b4173 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
OSV
OSV
added 2025/09/15 10:16 p.m.2 views

MAL-2025-47165 Malicious code in @nstudio/nativescript-loading-indicator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b551e46bc14865c379331dce05e3f6adb61e5f385acc0aa24b912176766d0c1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/22 1:50 a.m.5 views

Malicious code in aspida-lsd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acc2eb7e748df3c152fd014eb7b9ff3d3933451500a1ef3fd8af63811ed846de Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/16 6:12 a.m.3 views

Malicious code in xeno-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4584c129d15f1b447b33ff8077afcf4b79d34b44dd6c9752ffa9a028790f9bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/15 1:11 a.m.3 views

Malicious code in dark-switch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12148dc0d61c4e63738c356e019b3cc4d6ef0b5f1b23fae084daa1be5dccefd5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/08 4:52 a.m.4 views

Malicious code in my-js-cdn (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0ded23b9cb07e2872a7f6c888c1561c2341dbefc0efe38eed634d46229785725 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/28 12:23 a.m.3 views

Malicious code in online-learning-ui (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 853a4095a2f08a67260f3c2220bc45ef9484b10db0a4f909560bf36485cb54cf Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/19 10:18 a.m.2 views

Malicious code in node-orm-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbb41a965942183f81095d4f0ef7ad9d7f21c6e22811b0dd5781a5603497236e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Rows per page
Query Builder