225573 matches found
Malicious code in chai-midpatch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4deffa7a98fc055452391610a3ab832bace310cf34ecc058287f45cab02c656c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in webpack-json (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abd3559fc62e362d5e4d5068126317096f7e2e483d97bba9f59e192a9d49a363 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in brave-search-mcp-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d7d65e78a73a4cc2064d0ab9210a76c7c55f69553b70879dd649d7ad84e48dc0 The OpenSSF Package Analysis project identified 'brave-search-mcp-server' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
Malicious code in fundraiserserv (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c27dec042a9f69f24c1a2c860af27a2625740dbd7b7fc3d059659fae6f628c25 The OpenSSF Package Analysis project identified 'fundraiserserv' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in po-ops-local-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ed7a024c524e1a4bc29e2670d7dc00e5aa4c6891650c3c6bf38a2f388f4a3cb9 The OpenSSF Package Analysis project identified 'po-ops-local-dev' @ 99.9.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in bt-signal-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d56152c37c3a078b771d2578dd86495783b51b886c96aa7ebb66a7ec36d72a24 During import, package exfiltrates environment variables and cloud tokens to a hardcoded location. --- Category: MALICIOUS - The campaign has clearly malicious...
Malicious code in cms-helpgit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb11c1d166cf4cf2726b7b89e77a41224b1abe19c6666ea0f06bdc06ebf967c5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in chai-as-minted (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24d83ed5082a6682efba4b40e072e84fb1f7c6aa0dbf8ecd56a62c8d485e058e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @tmecontinue/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91dc0ad891441e786e37b86bbf8e4f881519bcfd68db3525c1a38f2064dbbbfe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @telenor-se/core (npm)
Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...
Malicious code in @emcd-vue/b2b-pay-form (npm)
Part of a coordinated multi-package supply-chain attack impersonating EMCD emcd.io, a legitimate Russian cryptocurrency exchange and mining pool. The attacker registered the @emcd-vue npm scope to distribute multiple malicious packages posing as internal tooling under the "EMCD Platform...
Malicious code in @redhat-cloud-services/compliance-client (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
Malicious code in @redhat-cloud-services/hcc-pf-mcp (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
Malicious code in @redhat-cloud-services/vulnerabilities-client (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
Malicious code in @redhat-cloud-services/types (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
Malicious code in @redhat-cloud-services/entitlements-client (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
Malicious code in @redhat-cloud-services/integrations-client (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
Malicious code in retail-location-strategy-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 056a42f9d6cabda51a99fe21f647f8270a15e121d2017f53e3fa7cc1aad9a47f The OpenSSF Package Analysis project identified 'retail-location-strategy-frontend' @ 1.1.1 npm as malicious. It is considered malicious because...
Malicious code in ethers-hdnode (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7fc28c232270f2534095dbfbc320845737c981a075ca9d542c2482d82a23a85d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in raven-i18n-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16965d1a02185ab8a7880951f6889127e66f0c1b3ffc718023ce2ac3593bffc7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-svg-animator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df0945fc4ef48dfcf552b844a84717606557a3d2ec592aa486a6f464eb290eb4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @t-in-one/add_application_service_token (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious code in @t-in-one/form_product_token (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious code in @t-in-one/only_difference_payload (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
Malicious code in @qlab/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b7872b498f71081087798b86ec67dd7fc33ab268d9b36de04b7d5d2b2698205 package.json declares scripts.preinstall: node index.js, causing index.js to run automatically during npm install. index.js collects os.hostname,...
Malicious code in @service-suppliers/reset_country_list (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5e6ef79773321419089b562c7d3d0a2dc262c6f2e3337df06d953ac9b2a45a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @service-suppliers/set_suppliers_data (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0469f2493e0faa6db2b4dd70c85c58062f538457a60d4d4b77b44c861f665665 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @service-suppliers/fetch_initial_suppliers_action_saga (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5701c4e65352d4be1b2266c870a111f44803d475f58363cb841146d16ec43385 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @service-suppliers/fetch_suppliers_country_list_action_saga (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1019aabd4bb69e25840cb292802f34974e93eb6c61d783cd8e1bb054a33d182a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in nemo-reporter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 42a43ec0a345170ad191fa1c25bdd4000595aa8ce733c6b9c69de6b65a1defb2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @cloudplatform-single-spa/serverless-containers (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @car-loans/mobile-car-loans-application (npm)
Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...
Malicious code in @cloudplatform-single-spa/airflow (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/audit-log (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/bare-metal-servers (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/base-static-page (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/certificate-manager (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/corax (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/dataplatform-cloudberry (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/dataplatform-spark (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/edge-manager (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/evolution (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/marketplace-gigachat (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/ml-ai-agents-ide (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/ml-finetuning (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/ml-inference-comfy-run (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/ml-inference-model-run (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/mlspace-access-request (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/monitoring (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
Malicious code in @cloudplatform-single-spa/notification-gateway (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...