3 matches found
Malicious code in require-jq (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7305f50f59db220bfc80a952ab5be573b7d70d3889f37f817d3ef9af46c3c66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5756 Malicious code in require-jq (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7305f50f59db220bfc80a952ab5be573b7d70d3889f37f817d3ef9af46c3c66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview require-jq is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...