3 matches found
MAL-2023-906 Malicious code in trust-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc0592f3a898992e95d6073b40459a085c6fbb0e9691a63bc549f1689636ecdf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in trust-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc0592f3a898992e95d6073b40459a085c6fbb0e9691a63bc549f1689636ecdf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview trust-utils is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...