3 matches found
Malicious code in stitch-fix-men (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0eac11d5514b7620fd60ea61fd8b8421be1caf4eedb0eab7204cb09cf9d48c43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1022 Malicious code in stitch-fix-men (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0eac11d5514b7620fd60ea61fd8b8421be1caf4eedb0eab7204cb09cf9d48c43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview stitch-fix-men is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...