Lucene search
K

102 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 3:24 p.m.10 views

Malicious code in is-really-odd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f205432fff885dce7a6dee0e8d1267c65944d3e486abd566683caeaad833692 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/13 3:25 p.m.5 views

Malicious code in @mx-shared/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80722921f3ba7863b8f28031aa4edf777ce8e270fab10bcead75016a286cb125 The package @mx-shared/utils was found to contain malicious code. Source: ghsa-malware 30ead10eaa18cee42152061c23ee9a84c465e687911f78dd1ae0c613f1c2b1...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/22 6:11 p.m.9 views

Malicious code in @emilgroup/billing-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08d6e9b450a96ca7b1280b8799dd80c62762d7025a50ea25eabf80c69eb0bb9e The package @emilgroup/billing-sdk-node was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/03/16 12:0 a.m.6 views

MAL-2026-1519 Malicious code in import-newlines (npm)

The package 'import-newlines' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/03 6:54 a.m.10 views

Malicious code in whop-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 943bd287cb6375798fdee15ba33f85737201ea9934952ee5d1f2a2336e8cd65c The package whop-sdk was found to contain malicious code. Source: ghsa-malware 4c3e9ca78194532c222b978afd00f7bb4be1ca1ba6cd442e1892d17ee6e67ccc Any...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/03 6:32 a.m.5 views

MAL-2026-1185 Malicious code in @bookings.microsoft.com/s (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa10e8f4ab4580d4d9aedaee9a9e0c036b3248364f0680727df6871025d7e2f9 The package @bookings.microsoft.com/s was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/02/05 5:29 p.m.7 views

MAL-2026-767 Malicious code in 0xhash-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6533d0ccd6be4affddc7247e6f5e925ac35fbe47d877eb2cc0ace6e493acc497 The package 0xhash-utils was found to contain malicious code. Source: ghsa-malware df192d86e51f442508e66c54064ef3c8d9c2cbe92133f87a522bc968dc4f6f45 A...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/21 3:54 a.m.10 views

Malicious code in victim-package-b (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 152e8188fd82f0ea4ee410d725bb96ab33af5767241fcefb555ef8dfaffd39bf The package victim-package-b was found to contain malicious code. Source: ghsa-malware 324aadc54f696916c968e82f4704d088384eab1ce76c08f2a3d3d0aa59fece...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/01/06 3:58 a.m.4 views

MAL-2026-70 Malicious code in @shop-cicd/webpack-package-artifact (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ee6154f54d35f10e1bca4b64111deef6ab6c43c9ea291a7adfac091b7334ab0 The package @shop-cicd/webpack-package-artifact was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/12/30 4:5 p.m.11 views

MAL-2025-192978 Malicious code in tailwindcss-typography-style (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f2e4636e4f08bc04591afc5b27fce2e03dea82a9883b2dc8092a6f23fa6f55d The package tailwindcss-typography-style was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 11:50 p.m.6 views

Malicious code in @lui-ui/lui-nuxt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aeaeb0138ac2e77901a8360aeeeec1038e7da06fabc4c4726a6fb2060f8d01b5 The package @lui-ui/lui-nuxt was found to contain malicious code. Source: ghsa-malware 7914345d453dc4753973e462d6f8e4cbd4d25656c98b9a22f073c9fdddb715...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/07 3:58 a.m.2 views

Malicious code in @chatclub/claude-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6acfccb78a615c7f037fe5dbd1001d9a77ca4015c89c94122ba5dd78978b66b The package @chatclub/claude-code was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/10/21 7:21 a.m.1 views

MAL-2025-48540 Malicious code in @jd-org/clear-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6d11360da81f86749d64e1c01171518474b7c636f9f729440f0a79dd1608e37 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/10 3:9 p.m.4 views

Malicious code in matrix-charts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ec928e940d4a9d80d7e512630b842c44283854acb9421a3ecb97c288f07fb7a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/10/09 9:4 p.m.3 views

MAL-2025-48214 Malicious code in redirect-sjcr8c (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1da0d4954d047b798675a52af826b4e894dcd3088d0199abbb6c906cc820d19d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/07 2:39 a.m.2 views

Malicious code in solarpeng_node_eval4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eeb42c5e6381f2debe4e94826c8e1a29e0b0d730abf69e5ca521d768cde1ea04 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/09/08 8:48 p.m.6 views

MAL-2025-46985 Malicious code in color (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3507ec02d0eb24c87e1f7621140bb5e6a4a343308e7ee8af79ef7f84617f8577 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

8.8CVSS6.9AI score0.00378EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/08 4:39 a.m.2 views

Malicious code in fe-hoc-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9891a9fd86134f0ca17dba8224c55c0e4ad7b0dbf8f5c61cce17218515d60f92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/27 5:25 a.m.4 views

Malicious code in athira-windows-x64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d29372690a56d28aaf32363029d85a2f0f5b5eddbe8a7a2bb62435171567b354 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/16 11:57 p.m.5 views

Malicious code in mfe-react-bridge (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f7835d0f6b232544302030371ac74d4c595860a04736a2ef54259a32993f9c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder