Lucene search
K

210 matches found

OSV
OSV
added yesterday3 views

MAL-2026-10444 Malicious code in markable-table (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd358271f202636f12507f09da4e8f00c900ba46c9dca25a5a0526d35b75bf1d [email protected] declares scripts.preinstall = 'node index.d.js'. index.d.js base64-decodes an embedded payload and invokes it through an...

6.5AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday4 views

Malicious code in kuaishou (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd1d5daf09cc7bfff164e60bf5abd0a1b374b5bb616f0a78cac8f6c6ea613608 The package's prepare lifecycle script, which runs automatically on npm install, collects host, user, and platform identifiers along with the full...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago6 views

Malicious code in nodemon-gulp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18cfb051ae84a8ed00bba3ae1eaf7720ec6479a402ae0540c6d66a7fa304f52a Package is published as nodemon-gulp but its contents are a verbatim copy of the upstream nodemon project: package.json declares author: Remy Sharp,...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago7 views

Malicious code in crypto-promiser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25594e7865a7525aebefd2f1fcc8060f144bf202b1986875e1cfd95564f66e88 [email protected] is a typosquat of the legitimate crypto-promise package that ships a dropper in its lifecycle scripts. The declared postinstall...

6.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago12 views

Malicious code in babel-eslint-parser-legacy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85a6f04cbf0697b6ae409fb9e5ad0e25812dac6a2f43bd95722f1903ee2f71f7 Package name babel-eslint-parser-legacy is a one-suffix confusion against the legitimate babel-eslint-parser. The package's own main is an empty stub...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 3:6 a.m.9 views

Malicious code in zod-pino444 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 560c3d47344d4da5dffac230236b5248d2f1856c221ffac7ff72d4e3b197957b Package [email protected] is a credential/secret harvester disguised behind a benign-sounding name. scripts/postinstall-agent.mjs is a...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 12:0 a.m.7 views

Malicious code in thirdwebb (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. thirdwebb is a typosquat of the legitimate thirdweb package. It uses a side-loader technique, pulling in log-taker as a transitive dependency; the infostealer runs automatically via that dependency's...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/30 12:0 a.m.7 views

MAL-2026-6693 Malicious code in thirdwb (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. thirdwb is a typosquat of the legitimate thirdweb package. It uses a side-loader technique, pulling in log-taker as a transitive dependency; the infostealer runs automatically via that dependency's...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/29 6:39 a.m.17 views

MAL-2026-6580 Malicious code in loadutils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31f1f1f6292d782062f6fff1f7422d9f1dc0eb1572e4372d6c0d574ccea3ab3a Package loadutils is a typosquat of the widely-used webpack helper loader-utils. The shipped README documents the loader-utils API urlToRequest,...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 6:39 a.m.12 views

Malicious code in loadutils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31f1f1f6292d782062f6fff1f7422d9f1dc0eb1572e4372d6c0d574ccea3ab3a Package loadutils is a typosquat of the widely-used webpack helper loader-utils. The shipped README documents the loader-utils API urlToRequest,...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/29 12:0 a.m.5 views

MAL-2026-6672 Malicious code in ulid-xyz (npm)

ulid-xyz is a typosquat of the popular ulid library sortable unique IDs and is a cross-platform Remote Access Trojan delivered via a postinstall hook. The package.json postinstall superficially looks like an inline node -e guard that checks for the existence of a dist file, but it actually launch...

6.2AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 12:0 a.m.7 views

Malicious code in ulid-xyz (npm)

ulid-xyz is a typosquat of the popular ulid library sortable unique IDs and is a cross-platform Remote Access Trojan delivered via a postinstall hook. The package.json postinstall superficially looks like an inline node -e guard that checks for the existence of a dist file, but it actually launch...

6AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/27 2:32 a.m.10 views

Malicious code in chai-as-persisted (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cf9c49450e0fa0d47be1b6ae27991f844868ff6c435d2082948b5feae862709 The package's postinstall script npm run smoke:pino executes index.js, which spawns a detached node lib/initializeCaller.js child. That module hides...

6AI score
Exploits0References3
OSV
OSV
added 2026/06/26 6:16 p.m.6 views

MAL-2026-6533 Malicious code in react-dynamic-table-compenent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c55ead8b66faca1e08b2babafa252da2371b535c010a5c14d8b0d0e2a44aadf8 Package name misspells 'component' as 'compenent', a one-letter typosquat of react-dynamic-table-component. The package's postinstall script runs nod...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 1:56 a.m.11 views

Malicious code in @dervix/ws (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79b9ab7431b1a6a1250c089e2ea33f54ad92313f587fbd2aabc020c12be55f69 Package @dervix/ws impersonates the popular ws WebSocket library — package.json copies the legitimate ws project's homepage...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/25 6:39 a.m.6 views

MAL-2026-6443 Malicious code in agentsync-pkg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b383c760dffae4a26d7f94b433bbe00dedb2426b23f4713610d6f5f36c594cf1 On every import / require'agentsync-pkg', src/index.js line 152 resolves bin/native/parser.node and calls require on it: const p =...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 6:26 a.m.12 views

Malicious code in bn-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c14057d91b2283926b2b0c1093a66db17c40efbd0ceb21c29b0bdbfa79736da5 Package is published as 'bn-lint' but ships a verbatim copy of MikeMcl/big.js README, source, version banner v7.0.1, and repo URL all identify as...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 9:46 p.m.10 views

Malicious code in markdownlint-cli2-fix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca7d5154ecbbcc636198bd2314e1916e5f0673d37ab7b14caca2ea96ad5ac5e1 Package name 'markdownlint-cli2-fix' impersonates the popular 'markdownlint-cli2' linter but contains no linter functionality — the README states...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/23 9:46 p.m.7 views

MAL-2026-6353 Malicious code in markdownlint-cli2-fix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca7d5154ecbbcc636198bd2314e1916e5f0673d37ab7b14caca2ea96ad5ac5e1 Package name 'markdownlint-cli2-fix' impersonates the popular 'markdownlint-cli2' linter but contains no linter functionality — the README states...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/22 10:38 p.m.8 views

MAL-2026-6274 Malicious code in web3-token-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c826bf782895b60580b94e3a28a2c4562d3742420ce81e9895ad8568da57890 The package advertises itself as a Web3 fee utility but its main export is a dropper. index.js line 140 base64-decodes a platform-specific command...

5.8AI score
Exploits0References9
Rows per page
Query Builder