Lucene search
K
OssfMost viewed

226591 matches found

OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 12:13 p.m.•8 views

Malicious code in elleuchdhsolvepwn (PyPI)

--- -= Per source details. Do not edit below this line.=-...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 12:11 p.m.•8 views

Malicious code in bigmathutils (PyPI)

--- -= Per source details. Do not edit below this line.=-...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 12:10 p.m.•8 views

Malicious code in bsure.utils (NuGet)

--- -= Per source details. Do not edit below this line.=-...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 6:42 a.m.•8 views

Malicious code in rowrap (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 606ce541a3ef4a98e4e1639e96c6431e7ec83be6f987c640a63c03991eae4f6e The package hides code to download and start malicious script containing malware, identified as adware. The triggering method seems to be PTH file, although it...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/17 3:9 a.m.•8 views

Malicious code in ember-power-calendar-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55191162c66f85fd90f4c2bb6354b569a7ab7cdc6a380289defcc8be784ed434 The package ember-power-calendar-utils was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 2:49 p.m.•8 views

Malicious code in n8n-nodes-format-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b8b8fc0a97b9f9e3203a35534d7ff6518dbe0e53753093610315382e5f40b0e The package n8n-nodes-format-utils was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 11:54 a.m.•8 views

Malicious code in @jaime9008/math-service (npm)

Package classified as malware due to code obfuscation, use of eval for code execution, and a low number of published versions. The file lib/lib.js contains same obfuscated malware dropler as malicious react-refresh-update package, the author is same for both pacakge. --- -= Per source details. Do...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 10:13 a.m.•8 views

Malicious code in changelog-logger-utilities (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7df10f389f394a16d448bc3f80b0b77a100506b76590ef476e6b688e59d62d9f The package changelog-logger-utilities was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in transform-typescript (npm)

The package 'transform-typescript' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in syntax-export-extensions (npm)

The package 'syntax-export-extensions' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in typescript-vue-apollo-smart-ops (npm)

The package 'typescript-vue-apollo-smart-ops' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in transform-dev-warning (npm)

The package 'transform-dev-warning' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in vue-scoped-css (npm)

The package 'vue-scoped-css' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in transform-member-expression-literals (npm)

The package 'transform-member-expression-literals' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in transform-react-jsx (npm)

The package 'transform-react-jsx' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in @storylane/uikit (npm)

The package '@storylane/uikit' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in transform-es2015-duplicate-keys (npm)

The package 'transform-es2015-duplicate-keys' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in transform-for-of (npm)

The package 'transform-for-of' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•8 views

Malicious code in dazaar-payment (npm)

The package 'dazaar-payment' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/15 9:34 a.m.•8 views

Malicious code in dgl-cu117 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4f9fcfe9f469df3c132eca5b08bac4a30c146c7b1305f506fd900b1e78581b0d During import, package decrypts and runs a malicious executable. The executable is hidden in an encoded and xored form in the JSON resource file. This is a...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/13 8:20 p.m.•8 views

Malicious code in fastapi-middleware-cors (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 305178589615e2247b892b3e305e5fd69a0fc02092f0b115b6b384441f5ddd46 Library disguised as FastAPI helper is executing obfuscated code during importing the module. The code is highly obfuscated; the code seems to contain an...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/13 3:38 p.m.•8 views

Malicious code in cw-isdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae10c11f397ea01855bd467e8a77fc7f7ccb97477c54bfee0bae46cd5c324ca4 The package cw-isdk was found to contain malicious code. Source: ghsa-malware 54e686b27022344685c371190035a9586a04498a711c2456bdd9b5644c43c833 Any...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/13 6:47 a.m.•8 views

Malicious code in tradepmr-fusion-core-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c349b8764d0420102fac6617d31810af64e670f6939bed61097a46458ab41c4 The package tradepmr-fusion-core-drzak was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/13 5:34 a.m.•8 views

Malicious code in @immuta/feature-flags-core (npm)

Malicious package due to data exfiltration to a hardcoded IP, command execution --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5faa2e2b3afed77ff19adb0b231de0a6ecdd10f713507e643a56d3d5503b1e47 The package @immuta/feature-flags-core was found to contain malicious...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/12 6:9 p.m.•8 views

Malicious code in spectral-corsair-my-backdoor (npm)

Malicious package detected. Suspicious preinstall script exfiltrates data to a remote server. Multiple YARA rules and LLM analysis confirm. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0826a28f7948e68cdddd6260a01c3653a7f04deb2c9368054243ed47713ee353 The packa...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/12 2:18 a.m.•8 views

Malicious code in libsignal-mod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 211e000c840d09f14adc470cd83c124e8a4e49249e78c8a759693e3678c63da2 The package libsignal-mod was found to contain malicious code. Source: ghsa-malware bb9ca486dd8fcc83473d13eb8fd8c5f8881d2be2d8301a167de2d40ad8513c51...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/11 12:41 p.m.•8 views

Malicious code in collectables (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e007c43e26edb912325f1478ec6cd5cd838b5d7e5ae62beedd3baa02638b3dc4 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/11 7:44 a.m.•8 views

Malicious code in anontest123 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f4d47757d3ee2d0dde7ed82934a06bf64343c344a7b090cf77f05dcd73f813a5 Installing the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/11 6:19 a.m.•8 views

Malicious code in mui-path-imports (npm)

The package 'mui-path-imports' is part of the PhantomRaven supply chain attack campaign Wave 4. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/10 1:4 a.m.•8 views

Malicious code in iron-fit-behavior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67d3440b6e1d8f6bfca21cf53c207a766d966cc2ba5033d8557c044c91a8b950 The package iron-fit-behavior was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/10 1:4 a.m.•8 views

Malicious code in iron-media-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 548ed1fd1be98d1ed340a991d8db46117cdd8cdd2a43f625408015ed6714d778 The package iron-media-query was found to contain malicious code. Source: ghsa-malware 159ebd19facb8454d0a41a0815dc3f3c0516dfc4f7a7ac22c5ea3f106fd008...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/09 10:44 p.m.•8 views

Malicious code in jsonify-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a8aa1030a7553e5aa40c2770df5c5945ccce7110fbe89a5931b7003453aa08d The package jsonify-core was found to contain malicious code. Source: ghsa-malware 15401bad013f01305211dd3ab1307a4ac9383ef3846645fd154ab648ce77e956 A...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/08 4:29 p.m.•8 views

Malicious code in demozecosse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1fd7840785d53d90edc61c6138072f4ed7a01b35dd05d76d9d6f5343ec93bff7 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/06 5:1 p.m.•8 views

Malicious code in hostlists-plugins-default (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 21b72625bb74661ae95d3317fe4384105bb6dd6d026b049f84a192aeeeeae9df Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/05 3:50 p.m.•8 views

Malicious code in pearpass-lib-data-export (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd09913040448b75ce4023605c2191efccf04f01c8e894d4044e8ee3a04fa67c The package pearpass-lib-data-export was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/05 3:26 p.m.•8 views

Malicious code in nf-referral-backend-placeholder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44ad77b1a6ac52b4914c8516043f3f52e27f4a328b2940bf5b4d9c63e66662b2 The package nf-referral-backend-placeholder was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/05 3:5 p.m.•8 views

Malicious code in spectral-corsair-navigator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4faab7d9e9e24067cf0a0ef23c529b2622cbb91b654a35430742ec584b827a54 The package spectral-corsair-navigator was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 11:29 p.m.•8 views

Malicious code in dakhara (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f530f4be41fa64a7275884280c22fb98a85accb8ef50538cd7677a109bfe3e29 Running the package automatically starts a Telegram bot waiting to execute remote commands. The bot credentials are dynamically collected from the pastebin. --...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:2 p.m.•8 views

Malicious code in optimal-spark-config (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a1c1bf78d6e3b593fd29329b4175a48c645abf4b4b63e93db68f25221329d14c During installation, the package starts obfuscated code that attempts to exfiltrate some basic information using DNS requests and then likely cover tracks by...

6.1AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 3:23 p.m.•8 views

Malicious code in demo-pipelinetest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cdbe67e8fa0e92aa8f588916bbaf7b0c041cd6613636172f671c1a6251df15e The package demo-pipelinetest was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 11:19 a.m.•8 views

Malicious code in gaia-marionette (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81308c35c4cad5bf3f87f791133f9aff53485b715060135829785be1d33b2e1d The package gaia-marionette was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:50 a.m.•8 views

Malicious code in chai-as-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 303ff6a2f2561ea67c1d084cbfc1ebdd5364668aab3d06257cb2cbeea42ce5a3 The package chai-as-mock was found to contain malicious code. Source: ghsa-malware 6ab0e6eb41241ac06a623d9e7fa230c2d68067904fd48aa422ab8c2db1cd23e4 A...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:45 a.m.•8 views

Malicious code in tailwindcss-forms-animation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5581b4e4ac6d5e02fe8dd2de23b1267ad2ac1b40a0c5be4cd284af8c6979588 The package tailwindcss-forms-animation was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:42 a.m.•8 views

Malicious code in typescript-constructors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 844c09a21118cd1492d232a90aba55fce7e45e4558fe560c47b8a8c347138b89 The package typescript-constructors was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:42 a.m.•8 views

Malicious code in tailwindcss-forms-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66a402948dc389c4a201ac4271a843d78a5131d377a3904fe178b51c6aef5adb The package tailwindcss-forms-component was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:39 a.m.•8 views

Malicious code in bmath (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b73a3f9e6d238ce5727a57fc31cba103d7e055670b067f001099b8f0c487519b The package bmath was found to contain malicious code. Source: ghsa-malware c3d39abb57e51336f455810ef3c907094fe6636bd1c6acf046edfa02720968d6 Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:38 a.m.•8 views

Malicious code in demo-ip-package-cm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 756fbc97ea8b65830898805513bede65c955e6ae300a4d19574e984d17615b37 The package demo-ip-package-cm was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:38 a.m.•8 views

Malicious code in demo-ip-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94f9378de5524843952c850c47aae7cc5373145c2b41032b764da720e9a0656f The package demo-ip-package was found to contain malicious code. Source: ghsa-malware 9377708b245cac5b751ac6dc75d9218b993bcb4cebed6f2049a542868f5df31...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:36 a.m.•8 views

Malicious code in flycord (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f477b30e27717915d1f5a29429d03c3ca68513e4c2b8faef87404ee2dd399324 The package flycord was found to contain malicious code. Source: ghsa-malware 2a8f9b1be8c669768e145dc79e2d5345b794d5b06f8e1b87a1371efce3339395 Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/03 6:32 a.m.•8 views

Malicious code in @twilio-client/twilio-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d655ae7b2eb263b5d3c630c72182a60a7012272acc57f1816eb73fd1c9119a97 The package @twilio-client/twilio-client was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Total number of security vulnerabilities5000