41 matches found
Malicious code in ecto-nightly-spirit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5dea0702101217f4a918a23191023bbd9e7d3b5478028bb0868341a574526e97 On npm install, postinstall.js executes unconditionally and performs three installer-harming actions. 1 It enumerates every key/value pair in...
Malicious code in dazaar-payment (npm)
The package 'dazaar-payment' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...
Malicious code in redirect-ytimeb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9277037d47468c0c4478c0d43bebb1980e946cbea70391cae6ad12533f8fe78d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in notification-logs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38d50a72b129f2bbf4413f253f4cc198bb674e07061123d5ba873a3374ed7ecd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in blipkitgit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e899e9940707fc06d8dce8080f1ea4e59dbdfbb122526755ce4006c4e226d92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11114 Malicious code in vs-table-plugins-antd (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca3296c3762b2860ae5450c32d26bec2d9e80c794905d8063b43474d5dc16802 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9313 Malicious code in 5pjh9i (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b146f124ef7685c191891b06d1253b04cb7df55faa519897a63f8156a8070f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9259 Malicious code in weekopendays (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 93ba5e4023f64fb06f60c47dd0ce7049a100ba6fce64b1fdca510badd9fc7eaa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8352 Malicious code in @diotoborg/hic-repellat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a6eedda6ab3719d0859ff4329d1925972e814cdccff8f266b084555cb6a11e57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8308 Malicious code in @diotoborg/eum-pariatur (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7c09edc407163668a4a84c3cf5b0122d7e5449e199e415fcdab51298c03be9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-7845 Malicious code in cordova-plugin-acuant (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ee353c7e6360a7550bd55e7929ef39d3d72273c2d3a370403e3a4082528fe30 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-7289 Malicious code in @zitterorg/nemo-tenetur (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41edbd03c6d4329bed5847f9b7b947f9220ea54a02ba2b59c008f835a1118a25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-7203 Malicious code in @zitterorg/eum-expedita (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c90afd8219be8d205f67ab3f266795c55b12b949e5f37d949aa2f282042550ef Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1447 Malicious code in @juiggitea/maiores-facilis-recusandae-debitis (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dacb951df731573fec00991a5e94a410ae81ff4eb843261feb4b3b99286840a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-851 Malicious code in wlwz-2312-7506 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8cdf7577c7f14a65c7696c0bf599db4d39ca3a25ddd8ad778f9c44e6391ea64f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-386 Malicious code in wlwz-2312-2400 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 69709eeca55777954deaf6bf1a57c194d36441645f62bd1e62d4d888b67926bd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-865 Malicious code in wlwz-2312-7702 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5087b60a2ac48b70b4534390da87ceb8b5517667a646d35a03ae0dfd163a3de4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-352 Malicious code in wlwz-2312-2002 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef5a21b4890b9d34fdeab3641c6b164028928c6dff499835767120ab15120f45 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8190 Malicious code in @zettle-bo/account-statement (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e421dbf9f81cc4fbfbcfb01be2a65fa8509eb33a2be27ee6aab920ca00359f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8104 Malicious code in fca-dongsexx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e54ae0b20028a7237a5d5284fa6a3fbae917dbe46cee4724c495d3e413eb0279 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...