Lucene search
K

41 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/12 2:32 p.m.12 views

Malicious code in ecto-nightly-spirit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5dea0702101217f4a918a23191023bbd9e7d3b5478028bb0868341a574526e97 On npm install, postinstall.js executes unconditionally and performs three installer-harming actions. 1 It enumerates every key/value pair in...

5.4AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.8 views

Malicious code in dazaar-payment (npm)

The package 'dazaar-payment' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/08 12:45 a.m.2 views

Malicious code in redirect-ytimeb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9277037d47468c0c4478c0d43bebb1980e946cbea70391cae6ad12533f8fe78d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/01 5:8 a.m.6 views

Malicious code in notification-logs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38d50a72b129f2bbf4413f253f4cc198bb674e07061123d5ba873a3374ed7ecd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/03 6:50 a.m.5 views

Malicious code in blipkitgit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e899e9940707fc06d8dce8080f1ea4e59dbdfbb122526755ce4006c4e226d92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2024/11/27 12:55 a.m.6 views

MAL-2024-11114 Malicious code in vs-table-plugins-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca3296c3762b2860ae5450c32d26bec2d9e80c794905d8063b43474d5dc16802 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSV
OSV
added 2024/10/16 11:59 p.m.4 views

MAL-2024-9313 Malicious code in 5pjh9i (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b146f124ef7685c191891b06d1253b04cb7df55faa519897a63f8156a8070f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/10/10 6:34 a.m.2 views

MAL-2024-9259 Malicious code in weekopendays (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 93ba5e4023f64fb06f60c47dd0ce7049a100ba6fce64b1fdca510badd9fc7eaa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSV
OSV
added 2024/09/02 1:42 a.m.4 views

MAL-2024-8352 Malicious code in @diotoborg/hic-repellat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a6eedda6ab3719d0859ff4329d1925972e814cdccff8f266b084555cb6a11e57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/09/02 1:42 a.m.5 views

MAL-2024-8308 Malicious code in @diotoborg/eum-pariatur (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7c09edc407163668a4a84c3cf5b0122d7e5449e199e415fcdab51298c03be9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/07/29 3:0 a.m.7 views

MAL-2024-7845 Malicious code in cordova-plugin-acuant (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ee353c7e6360a7550bd55e7929ef39d3d72273c2d3a370403e3a4082528fe30 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/07/04 5:10 a.m.6 views

MAL-2024-7289 Malicious code in @zitterorg/nemo-tenetur (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41edbd03c6d4329bed5847f9b7b947f9220ea54a02ba2b59c008f835a1118a25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/07/04 5:10 a.m.5 views

MAL-2024-7203 Malicious code in @zitterorg/eum-expedita (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c90afd8219be8d205f67ab3f266795c55b12b949e5f37d949aa2f282042550ef Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/06/03 6:53 p.m.5 views

MAL-2024-1447 Malicious code in @juiggitea/maiores-facilis-recusandae-debitis (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dacb951df731573fec00991a5e94a410ae81ff4eb843261feb4b3b99286840a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/01/24 8:23 p.m.5 views

MAL-2024-851 Malicious code in wlwz-2312-7506 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8cdf7577c7f14a65c7696c0bf599db4d39ca3a25ddd8ad778f9c44e6391ea64f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/01/24 8:23 p.m.13 views

MAL-2024-386 Malicious code in wlwz-2312-2400 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 69709eeca55777954deaf6bf1a57c194d36441645f62bd1e62d4d888b67926bd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/01/24 8:23 p.m.7 views

MAL-2024-865 Malicious code in wlwz-2312-7702 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5087b60a2ac48b70b4534390da87ceb8b5517667a646d35a03ae0dfd163a3de4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/01/24 8:23 p.m.6 views

MAL-2024-352 Malicious code in wlwz-2312-2002 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef5a21b4890b9d34fdeab3641c6b164028928c6dff499835767120ab15120f45 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2023/09/21 1:38 a.m.12 views

MAL-2023-8190 Malicious code in @zettle-bo/account-statement (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e421dbf9f81cc4fbfbcfb01be2a65fa8509eb33a2be27ee6aab920ca00359f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References2
OSV
OSV
added 2023/09/14 2:58 a.m.7 views

MAL-2023-8104 Malicious code in fca-dongsexx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e54ae0b20028a7237a5d5284fa6a3fbae917dbe46cee4724c495d3e413eb0279 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder