Malicious Package

Overview sign-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

Malicious code in sign-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e300b5f52fc165080a7c0a9eee170ee453c31a0419dc65e004a64b0749b699cf The package sign-client was found to contain malicious code. Source: ghsa-malware d46bf80205dc64dc9e6d65d1208f0b6e1a978d8dfdd555fbb2c9eb31805df69c An...

EUVD-2026-3742

Malicious code in sign-client npm...

MAL-2026-429 Malicious code in sign-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e300b5f52fc165080a7c0a9eee170ee453c31a0419dc65e004a64b0749b699cf The package sign-client was found to contain malicious code. Source: ghsa-malware d46bf80205dc64dc9e6d65d1208f0b6e1a978d8dfdd555fbb2c9eb31805df69c An...

[SECURITY] Fedora 23 Update: obs-signd-2.2.1-8.fc23

The OpenSUSE Build Service sign client and daemon. This daemon can be used to sign anything via gpg by communicating with a remote server to avoid the need to host the private key on the same server...