Lucene search
K

4 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in xnder-sdk-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0aeeac149a5afa4797eea935b2a54b66fcf2cfd939fce855655208245ba9e5a7 The package's index.js is heavily obfuscated string-array shift/rotate pattern with hex-encoded indices and a while!! decoder loop. Obfuscation of th...

5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/06/10 6:43 a.m.8 views

Malicious Package

Overview xnder-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 6:43 a.m.12 views

Malicious code in xnder-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d6bc17ad9fb1a8705ba5311c309bd7a54178d893f44c0c5ea2b19172171eb58 The package ships scripts/script.js containing heavy obfuscation patterns string-array shift rotation, hex-encoded numeric literals, while!!...

6.3AI score
Exploits0References3
OSV
OSV
added 2026/06/10 6:43 a.m.10 views

MAL-2026-5491 Malicious code in xnder-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cac2bcdbeb978a93be7021106fbfcab7795f51b434141160391cb89df0a87ab The package contains scripts/script.js with heavy obfuscation patterns string-array shift loops, hex-encoded indices, while!! anti-analysis construct...

5.5AI score
Exploits0References2
Rows per page
Query Builder