Lucene search
K

10 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/03 7:10 p.m.13 views

Malicious code in strapi-plugin-blurhash (npm)

strapi-plugin-blurhash is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topolog...

6AI score
Exploits0References2
OSV
OSV
added 2025/11/24 11:47 p.m.3 views

MAL-2025-191443 Malicious code in uniswap-test-sdk-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe6b79cd83b108da1a067e001b5ee8a12f6b2b75ef559b4fca893dc2029eb1b6 The package uniswap-test-sdk-core was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 9:8 p.m.3 views

MAL-2025-190937 Malicious code in undefsafe-typed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71757e5cdef13d215b8506dfd5b00831fc29a7a24e208472c79fd40c2abe7967 The package undefsafe-typed was found to contain malicious code. Source: ghsa-malware 1a19664890dd6d9bba23c333e1095114841ef498dec4eaa02c1bff38bc80aa4...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 2:54 p.m.3 views

MAL-2025-190800 Malicious code in @asyncapi/php-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81619d0ddfa1696b71c550ba94be4ddbdaed53aaef37376f8024945422da51b5 The package @asyncapi/php-template was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 12:36 p.m.4 views

MAL-2025-190666 Malicious code in @ensdomains/content-hash (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39aeb9f2a2d9a8ee1c57695456c8af6657d069eaee694ef7f8c128bb292bfabd The package @ensdomains/content-hash was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 12:6 p.m.4 views

MAL-2025-190649 Malicious code in posthog-react-native-session-replay (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2487b6f3e3f9f2ef47f2509033fe071b332f5035e1e01320482eea928ae8a120 The package posthog-react-native-session-replay was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/09/16 5:5 p.m.4 views

MAL-2025-47355 Malicious code in ts-imports (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eccb885c4d87f75ef3479173055a689c6b90773619272c8ccf891bd342a7128b Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSV
OSV
added 2025/09/16 4:11 a.m.4 views

MAL-2025-47273 Malicious code in @teselagen/file-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7da1a31ac60a5206e526134aa3bb58f83fa6e2d32f66cacf06f26a91de3b71f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/07/28 12:0 a.m.4 views

Malicious code in b2b-canaisdigitais (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4dc971b04d6b1823268396807c41d808cc18fd8c2b2094b5c9ee6fb342083172 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

7.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/02/03 12:0 a.m.3 views

Malicious code in samuelpoctester (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1f7b2e15c0c93b4a5ee61dc9bede38e31e95af4885247c9d4c30d4846d2d67ed Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

7.1AI score
Exploits0References2
Rows per page
Query Builder