7 matches found
Malicious Package
Overview strapi-plugin-nordica-vhost is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...
Malicious Package
Overview strapi-plugin-nordica-deep is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...
Malicious Package
Overview strapi-plugin-nordica-recon is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...
Malicious Package
Overview strapi-plugin-sync is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages aren't...
Malicious Package
Overview strapi-plugin-nordica-api is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...
@adishare/strapi-plugin-import-export-entries (=1.23.2), @aller/svelte-components (=1.5.17) +62 more potentially affected by CVE-2025-57350 via csvtojson (=2.0.10)
csvtojson NPM version =2.0.10 is affected by a known vulnerability. The following packages have a transitive dependency on csvtojson and may be impacted: - @adishare/strapi-plugin-import-export-entries =1.23.2 - @aller/svelte-components =1.5.17 - @arisonadim/strapi-plugin-import-export-entries...
@trycar-packages-org/tc-entities-production (=1.0.93), otp-generator-strapi (>=1.0.0 <=1.0.1) +12 more potentially affected by CVE-2021-23451 via otp-generator (>=1.1.0 <=2.0.1)
otp-generator NPM version =1.1.0, =1.0.0, =1.0.4, =1.0.1, =1.0.1, =1.0.80, =0.0.1, =1.2.0, =1.0.1, =1.0.5 Source cves: CVE-2021-23451 Source advisory: OSV:GHSA-6X93-H9G3-9PHR...