Lucene search
K
OssfMost viewed

226596 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:43 a.m.15 views

Malicious code in mymaldependency (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38372ffa2ec19cee68f769508d95ffb4f5c1878aeae058ce3e7a33b947d06cf1 MyMalDependencypackage/init.py executes on every import: it calls os.uname and os.getcwd, writes the results to./trans.txt in the installer's working...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:42 a.m.15 views

Malicious code in 8oo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c949ba1ac1cd3a6c96d3f1fc8c32cdc64cb9474fa07dd6633ebf4f69073a495 The package's main entry index.js executes an IIFE at require time that loads 66o.js, which replaces the global console with a Proxy. Every intercept...

5.9AI score
Exploits0References16
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:41 a.m.15 views

Malicious code in guan (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e04a9a658bc7616e72a5edf276dd049e5b697f2492c46929caf2e01fac95d84 The top-level src/guan/init.py unconditionally calls statisticsofguanpackage on every import guan. That function in src/guan/others.py opens a raw TC...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.15 views

Malicious code in agentwork-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.15 views

Malicious code in @mesadev/saguaro (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 12:24 a.m.15 views

Malicious code in @squawk/types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3774c2374f8e3ab7673400940dfc50d0826239ac34fd2e1170c7ab4c48de6a7 The package @squawk/types was found to contain malicious code. Source: ghsa-malware 14506d7385d737662e11382d460e176a16e727348a5b09cf27325bfbd4566f83...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/11 11:0 p.m.15 views

Malicious code in @mistralai/mistralai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23235945a2d68899f5fe2e6eafaefa0a98f2120697d41a40d26615e41aceb916 The package @mistralai/mistralai was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/09 1:56 p.m.15 views

Malicious code in apple-mycelium-fix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e69a2534c8bb0842243808b87451a399a8fc121ee56e755a33627f21035f8e33 The package apple-mycelium-fix was found to contain malicious code. Source: ghsa-malware...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/09 12:0 a.m.15 views

Malicious code in haswons (npm)

haswons is a typosquatting package impersonating hasown, the utility for checking whether an object has a direct own property. The package bundles the legitimate hasown source to appear functional while hiding a credential-theft payload in index1.js, executed at install time via the postinstall...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/08 9:2 a.m.15 views

Malicious code in crypto-bot-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3ece4ae851dba85751377f47097bd30525eafdcbf8cd08b57d2a06aa3a02b367 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/08 7:29 a.m.15 views

Malicious code in wallet-utils-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c6b0bc86ba79fbf578e23fb2eeb78129ba07b9a274e2e8f780b0d427065290e The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/07 12:0 a.m.15 views

Malicious code in camelotlabs-core (npm)

Five packages camelotlabs-sdk, camelotlabs-core, camelotlabs-config, camelotlabs-worker, and camelotlabs-utils were published to the public npm registry at version 99.0.0 by the actor madman0619 as a dependency confusion attack targeting the internal npm packages of Camelot Labs. The inflated...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/04 8:53 p.m.15 views

Malicious code in rogiant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f7e1dc50782abed477c5013c8a732e952d747ffa770f399571ff468699b8f3 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/04 1:43 a.m.15 views

Malicious code in tinfoil-shops (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12060d7ba8ada1f0215277ed3936de1f8e9f03d47430fe816b634778291d7024 The package tinfoil-shops was found to contain malicious code. Source: ghsa-malware 5fafb06ed458abc37062e49cbd57b0e5c348dba7d88d1524ca5df198216d7326...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/04 12:0 a.m.15 views

Malicious code in paypal-payouts-bridge (npm)

Malicious npm package published by the microsop threat actor as part of a dependency-confusion campaign that impersonates internal tooling at Microsoft, Google Cloud, and PayPal using inflated semver values e.g. 99.9.x, 100.1.x to win npm resolution against private internal packages. All packages...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/03 9:26 p.m.15 views

Malicious code in gauth-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 aea1fab5eb3b9422c65232e53e79eb71ba3436355601cd61e7a7b0177779df4e Package impersonates Google and attempts to exfiltrate various credential files. It also setups PTH file for automated start during Python initialization. In t...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/03 12:16 p.m.15 views

Malicious code in puan3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 531ab02814e67f81e5c82fb57b72d59c3972d0975932f6e9d00ea680040e9a13 During import, package automatically starts a connection to a C2 server, exfiltrates information about the host and data like the browser's history and sensiti...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/25 6:6 p.m.15 views

Malicious code in @google-pay-trust/authorize-payment (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34948be5ad2a3e52a1e1c577dafd82b6711762743bfd51bfd6433e7a780f7e36 The package @google-pay-trust/authorize-payment was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/23 3:54 a.m.15 views

Malicious code in rollup-plugin-polyfill-route (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae32c5ba788989f856ede10fa991e6dafa8d9263b0f5fc7384c69fba97e41d4a The package rollup-plugin-polyfill-route was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 8:48 a.m.15 views

Malicious code in @bmg-web/bmg-collapse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fac63a733e9add336ae6a3fa8cf87b72abbe29bb1efeb397b54dd35f2875fcd The package @bmg-web/bmg-collapse was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 10:5 p.m.15 views

Malicious code in chai-use-chains (npm)

chai-use-chains is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/01 9:11 a.m.15 views

Malicious code in base-x-64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2486f9bad36944300cb58e1a73a370afef7be10040daf814861d1b1a6287cdb8 The package base-x-64 was found to contain malicious code. Source: ghsa-malware d09ca9d36cb3821dc878f97db3b7e8ddef6f5f8e390373492186d10b668718f3 Any...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/01 9:10 a.m.15 views

Malicious code in @logcore/pino-pretty-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a729cc1811bd1bc1fa94404ad4bcd8376c1a29b90311fd2a89efecff51fe592 The package @logcore/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/24 12:48 p.m.15 views

Malicious code in agoda-dep-confusion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faa0bc71a76133f8ba2469aab72a42ed605c22eaf6a3816754f5dff2cb21fa87 The package agoda-dep-confusion was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/19 8:24 a.m.15 views

Malicious code in whatnot-manifests (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f0504ddd24de9ec3870bb8fc657436f5a61e3f6327f0e044bc380bfe3479d40 The package whatnot-manifests was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 1:12 p.m.15 views

Malicious code in testctfproject3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac5d94cd8502eef9cfde3cf2cf891a6188172c6df1a8bcc20806c7ba15b7855d The package testctfproject3 was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 1:9 p.m.15 views

Malicious code in smm-yt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d0a38085e1e5c5be475b6ae3387d915541a3aea8d1b8ac6869a1125f3c47d0d The package smm-yt was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 1:7 p.m.15 views

Malicious code in react-state-optimizer-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 782cd7f3728f924a764bf54c8c73a27b8170cdf85f11902e6d8d806db39fa172 The package react-state-optimizer-core was found to contain malicious code...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 1:5 p.m.15 views

Malicious code in proleis-web-scanner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99bb886b0dde88d16ff59ed346f20f0b69a299a33070c16def5b659ba308a3e8 The package proleis-web-scanner was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 1:4 p.m.15 views

Malicious code in player-common-controls (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aef58425992286c8ee1bba6bb26ba161a52a852bb7ed8a6087e737b91d02e8b The package player-common-controls was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/12 2:18 a.m.15 views

Malicious code in praxis-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f147ac7e867b493ef159ddfdd294c57a1bfbbd8e502037178470c37345ca0628 The package praxis-scripts was found to contain malicious code. Source: ghsa-malware 9cf02a0374cd88b4ae46f34a484f0441ea2bfaf3c6799812ea6b4cf4e916cd0c...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/02 2:27 a.m.15 views

Malicious code in loadash-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8a6b55079998d38c9458ab6cae73e677bccc96d3965a9e6584e85c0450c2695 The package loadash-lint was found to contain malicious code. Source: ghsa-malware 9ad2a23ceb26c4b6ac051ac94acfa976eda403c11d9eaf9833d2b9206a5d2155 A...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/23 12:37 p.m.15 views

Malicious code in request-httpx-4 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b0c661d240f626319e5ff1e52562ca1d4a8a6c741126a91e4d46a9ed639cfc0d The package contains a Telegram bot running allowing for remote access. This functionality is disclosed in the readme, but the package name clearly indicates...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/12 1:59 a.m.15 views

Malicious code in xml2js-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c18f9df8257f4f610dbfd70460757eb36539314c7cce4d9eda82758da6984725 The package xml2js-js was found to contain malicious code. Source: ghsa-malware cf7cd10255ee6ff91469e7f180436d90c3eca29de3dc0b3f883c13403ca30132 Any...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/10 12:12 a.m.15 views

Malicious code in EffetMer.darkgpt (VSCode)

The package downloads and executes a hidden executable from a malicious URL...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/29 5:40 p.m.15 views

Malicious code in eslint-plugin-react-hooks-published (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 647dedd2c8ea8a9cef54b85666b74459095d17369da310d54a0c1960f87dafe6 The package eslint-plugin-react-hooks-published was found to contain malicious code. Source: ghsa-malware...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/22 10:3 a.m.15 views

Malicious code in airbnb-react-router-legacy-v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64d31fa6c9b6cd0a9e87216ce93110698b49f1fede30d3f090902284a5153613 The package airbnb-react-router-legacy-v3 was found to contain malicious code. Source: ossf-package-analysis...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/19 5:55 a.m.15 views

Malicious code in jeronimoekerdt.color-picker-universal (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1b0ef4a151e758eadda67d487723883b42f68292fd4dc8019068838e08faa8 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/27 7:29 a.m.15 views

Malicious code in @chatgptclaude_club/claude-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a4754ec4fdda490eb8df83dba70a4eca2d697b1db00133e748d26661ebc17a4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/01 9:47 a.m.15 views

Malicious code in diet_earthsmoke (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 83df3701a52a02b6ef7891d5d4151dbb02e7c649eb524a250a2992c625f82529 The OpenSSF Package Analysis project identified 'dietearthsmoke' @ 0.3.1 rubygems as malicious. It is considered malicious because: - The packag...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/26 4:53 p.m.15 views

Malicious code in python-dateutil-malicious (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e746200736f98b51154e3cfbafa826ee92b8badb2005dac0e8fb4765cc3cbc57 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 12:0 p.m.14 views

Malicious code in @zynkit/jwtbytes (npm)

@zynkit/jwtbytes malicious version 0.5.3, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

6.5AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:0 p.m.14 views

Malicious code in chai-as-uphelded (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa7f5470790594e55393048fee0e7a9e6e6650776a06717258e410292d4dc8a9 Package name impersonates the popular chai-as-promised library, but its package.json description and keywords masquerade as a pino-style logger and a...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 10:28 p.m.14 views

Malicious code in runtime-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95ac68a991ebaacd1aef772aa462ad53510471f9f4439659a6e685e877aa460e On require, index.js lines 70-77 fetches JSON from https://jsonkeeper.com/b/CI3HT, extracts the .cookie field from the response, and passes it to new...

6.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:15 a.m.14 views

Malicious code in easy-day-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8602a5a154b50bb6351900a08fa45d7814c0f152e4379dcae53ccfa0b83db891 Package name 'easy-day-js' impersonates the popular 'dayjs' library, copying dayjs's author 'iamkun', homepage https://day.js.org, repository URL,...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.14 views

Malicious code in npm-sandbox-research-e9f0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a18a9932f78294e22aa0a85077b9318233ab0952bc8788ae8987fce3e5002c93 Package declares a postinstall hook "postinstall": "node run.js" that executes automatically on npm install. The tarball ships beacon scripts...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 9:38 p.m.14 views

Malicious code in @gbrlxvi/ts-form-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20e77262ebb59497687fabfba394959da9ce6afbaf436aa5fcf654b2c8a44a32 Package advertises trivial form-validation helpers notEmpty/isEmail/isPhone/maxLen/minLen but on require/import of the main module performs an...

5.8AI score
Exploits0References14
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 9:10 p.m.14 views

Malicious code in mailconfirmer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb184ffa15fd011b84658a6b5cd68582e78827258a8373f0da1ef34248bfb09 The package advertises itself as an email-confirmation utility, but index.js contains only no-op stubs that console.log demo messages. The real...

5.6AI score
Exploits0References29
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 8:52 p.m.14 views

Malicious code in chai-utils-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64edd573a9e5fdef8dcde78f5b0c9fa00521f232b886be838104741d1e0535f7 Package name 'chai-utils-test' impersonates the popular 'chai' assertion library and ships a cloned chai source tree. The declared main index.js call...

5.5AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 8:24 p.m.14 views

Malicious code in @achuthvp/postinstall-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3dc0d7b5fc216ae117dda9c492a6bbdff46e49ab53f069c2d525dab001bcdb9 package.json declares scripts.postinstall = node postinstall.js. On every npm install, postinstall.js runs execSync'id' and POSTs a JSON body...

5.4AI score
Exploits0References2
Total number of security vulnerabilities5000