3 matches found
Malicious code in ys-mozi-metrics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22928c2bf616a636fd9bd355579f92c3088f3e8abdd989e18487c4f347d06b50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-7370 Malicious code in ys-mozi-metrics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22928c2bf616a636fd9bd355579f92c3088f3e8abdd989e18487c4f347d06b50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview ys-mozi-metrics is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package w...