
226444 matches found

OSSF Malicious Packages
•added 2026/05/12 7:42 a.m.•14 views

Malicious code in @2oolkit/hyperliquid-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3af30011dcf54950f270463028270d732fce20b5cd5da44342a0748922e6df The package is advertised as a neutral CLI/MCP wrapper for Hyperliquid, but its distributed code silently routes value from the installer to an...

AI score: 5.9
Exploits: 0, References: 2
OSSF Malicious Packages
•added 2026/05/12 7:42 a.m.•14 views

Malicious code in enhancer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cefeea627aa1a0cc84aeedff1db0ae88ebf61b233bb9b20fa82b0a5fd0737cbf The distribution is published as enhancer but installs modules under the top-level safety namespace setup.py declares namespacepackages='safety' and...

AI score: 5.9
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/05/12 7:42 a.m.•14 views

Malicious code in @chahuadev/junk-sweeper-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d446150767f92344d8d0a699f5879bd746200fb8beb60554408699868f03d51 The package's postinstall script package.json line 10: "postinstall": "node install.js" unconditionally fetches a platform-native executable from...

AI score: 5.8
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/05/12 7:42 a.m.•14 views

Malicious code in 11j (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ad371791d84a3c28ca12b62bae45a07567847b7df025c93611f8f504a1c869 the analysis identified unambiguous malicious behavior in log.js the package main: an IIFE executes on require/import that monkey-patches...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in @mesadev/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

AI score: 5.8
Exploits: 0, References: 5
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in @mesadev/saguaro (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

AI score: 5.8
Exploits: 0, References: 5
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in agentwork-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

AI score: 5.8
Exploits: 0, References: 5
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in guardrails-ai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

AI score: 5.8
Exploits: 0, References: 5
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in ml-toolkit-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

AI score: 5.8
Exploits: 0, References: 5
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in @draftlab/auth-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

AI score: 5.8
Exploits: 0, References: 5
OSSF Malicious Packages
•added 2026/05/12 3:26 a.m.•14 views

Malicious code in @uipath/apollo-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 235b3abc1afad9d8a47430183286bbef61e16f74be20b29c7d967a8d528ecdf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/12 2:21 a.m.•14 views

Malicious code in @tallyui/theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 34578fa5c77db2b21dd15d3357fc2b7c4d36a2ce4d1d44f86daa5c04561d662c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/12 12:59 a.m.•14 views

Malicious code in git-branch-selector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dab170d586455af0816362e715de0907ddaa19adb87c68ef59255139322dde69 The package git-branch-selector was found to contain malicious code. Source: ghsa-malware...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/12 12:26 a.m.•14 views

Malicious code in @squawk/navaid-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 966263f7b58fca4470e282294f432c7c78d25b154b3c6daf6580d2b426a5e004 The package @squawk/navaid-data was found to contain malicious code. Source: ghsa-malware...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/12 12:24 a.m.•14 views

Malicious code in @squawk/airports (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01fabaad6adcf6ba78ba71fb750d70c8e3f3a1e524a75a6b8bf8ddc7769ac5b0 The package @squawk/airports was found to contain malicious code. Source: ghsa-malware f8adf8853b03c99d84b919062f8c688b4bfb42f72cc9de33299fe3e3f9a2b9...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/12 12:22 a.m.•14 views

Malicious code in @tanstack/router-vite-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59c369975f931e9f8a4ca499e887c2ec41f7d1dbfcdcb83fa9e6ec9717ea4910 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/12 12:21 a.m.•14 views

Malicious code in @tanstack/router-ssr-query-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 388949e6add086eda74454a083d7f720fe77716c9c3f18746ba90206a5ebbab5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/12 12:17 a.m.•14 views

Malicious code in cross-stitch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfe06155444d60d3774a256051b31f6a4814f484f33830cbe61eec7ebe611be6 The package cross-stitch was found to contain malicious code. Source: ghsa-malware 7c23bb77e762be76915e8202d11074aaa122efe0a8a32e403fa00ee8563c9bbe A...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/12 12:1 a.m.•14 views

Malicious code in @tanstack/start-storage-context (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7021ac6b47d0f973f936ca9d15cd26f43a01b1151ce691ec8b10be5001be2bb This version of @tanstack/start-storage-context belongs to the @tanstack/ package family that was compromised via CI cache poisoning, with 42 package...

AI score: 5.8
Exploits: 0, References: 6
OSSF Malicious Packages
•added 2026/05/09 5:34 p.m.•14 views

Malicious code in ggfmttygl-new (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2098233a75602dd1779f720f566420f4a88ec77694b206e7858323b5aeea38d5 Package is disguised as a utility, but in fact loads encrypted code as modules. However, loading it requires knowing the decryption key which is not included i...

AI score: 5.9
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/05/09 1:56 p.m.•14 views

Malicious code in apple-mycelium-fix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e69a2534c8bb0842243808b87451a399a8fc121ee56e755a33627f21035f8e33 The package apple-mycelium-fix was found to contain malicious code. Source: ghsa-malware...

AI score: 5.6
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/05/09 12:0 a.m.•14 views

Malicious code in haswons (npm)

haswons is a typosquatting package impersonating hasown, the utility for checking whether an object has a direct own property. The package bundles the legitimate hasown source to appear functional while hiding a credential-theft payload in index1.js, executed at install time via the postinstall...

AI score: 5.8
Exploits: 0
OSSF Malicious Packages
•added 2026/05/08 7:19 a.m.•14 views

Malicious code in crypto-kit-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b3c7b3526469db1bb04a5875cfcb3a1e41fe3f9c697b6d63e497a15d1177cb1b The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

AI score: 5.9
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/05/04 8:53 p.m.•14 views

Malicious code in rogiant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f7e1dc50782abed477c5013c8a732e952d747ffa770f399571ff468699b8f3 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

AI score: 6
Exploits: 0, References: 9
OSSF Malicious Packages
•added 2026/05/04 3:2 a.m.•14 views

Malicious code in @google-pay-trust/start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16feef8620dbb1f3b6c7c6c67f9f7883438f368a3bfd2c2c591d7f30467e67c4 The package @google-pay-trust/start was found to contain malicious code. Source: ghsa-malware...

AI score: 5.8
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/05/04 1:43 a.m.•14 views

Malicious code in tinfoil-shops (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12060d7ba8ada1f0215277ed3936de1f8e9f03d47430fe816b634778291d7024 The package tinfoil-shops was found to contain malicious code. Source: ghsa-malware 5fafb06ed458abc37062e49cbd57b0e5c348dba7d88d1524ca5df198216d7326...

AI score: 5.8
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/05/03 9:26 p.m.•14 views

Malicious code in gauth-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 aea1fab5eb3b9422c65232e53e79eb71ba3436355601cd61e7a7b0177779df4e Package impersonates Google and attempts to exfiltrate various credential files. It also setups PTH file for automated start during Python initialization. In t...

AI score: 5.8
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/05/03 12:32 p.m.•14 views

Malicious code in win-update-helper-tool-v2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 251972769752a77d15c86627fe078560c49ce79a47bcc4542128386eb5362342 If run as a module, the code runs code to silently control the device via Telegram bot execute commands, exfiltrate files. --- Category: MALICIOUS - The campai...

AI score: 6
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/05/01 10:14 p.m.•14 views

Malicious code in oracle-lag-sniper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 052e2309a320b056b5a959c33b703d819b1fa2ce9b2647d250bc612d25bae9c9 When using the package, it exfiltrates sensitive environmental variables targeting Polymarket keys to the target controlled via a Polymarket's user profile. Th...

AI score: 5.9
Exploits: 0, References: 3
OSSF Malicious Packages
•added 2026/04/27 2:15 p.m.•14 views

Malicious code in @business_promocode/cancel_promocode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 002798d60b98859a68bc9daf0ebaf7794b8d83973b69fb4c8bfe9979f685e51d The package @business_promocode/cancel_promocode was found to contain malicious code. Source: ghsa-malware...

AI score: 5.8
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/04/26 5:35 p.m.•14 views

Malicious code in @clearpool/comms (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f79c0a598ffe54e6eba22b90afd0c9bbb902c3086178c2ea2a9227e002e399d The package @clearpool/comms was found to contain malicious code. Source: ghsa-malware aac3d8fce06f495311a581ee9a8f6acf42b7ea35162b9a3387ad6040adfef4...

AI score: 5.8
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/04/25 2:32 p.m.•14 views

Malicious code in promptflow-runtime (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5b42466489944454bbab304af3aa9869e3f0483cafc76b4da896f6512bb4c627 During import, package collects basic information about the system, performs deep fingerprinting, and reports the data to the remote target. The package...

AI score: 5.5
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/04/22 1:51 p.m.•14 views

Malicious code in pgserve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c48b943e993f7a62fe43ad9c5412ad1750fd3d5a8cd5214988b16caf78f4a06d The package pgserve was found to contain malicious code. Source: ghsa-malware 3eb07d42183ec3a63a62edc4353d8dbaa85afd8c1830fa5b6ef2617fb5a2b3e0 Any...

AI score: 5.7
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/04/17 6:19 a.m.•14 views

Malicious code in paddle-internal-scripts (npm)

Malicious package due to sensitive data exfiltration via obfuscated preinstall script. Few published versions increase suspicion. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eae655788b800d689464263a26d904ccb45fe4aa65b61422a51325008aff3003 The package...

AI score: 5.7
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/04/15 10:5 p.m.•14 views

Malicious code in trackora-node (npm)

trackora-node is a malicious npm package that, when imported, downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it, similar to the malware in chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

AI score: 5.7
Exploits: 0, References: 2
OSSF Malicious Packages
•added 2026/04/13 3:25 p.m.•14 views

Malicious code in ih-icon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e7f19afb6ffd57012c61c6bef2ce8ad4238f192cac0679e216684a37ec672e The package ih-icon was found to contain malicious code. Source: ghsa-malware c7182707ae8272b3af4376c3dfec66a3b574b8c86217bf3b7c705d94dfb84b63 Any...

AI score: 5.7
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/04/07 7:23 p.m.•14 views

Malicious code in @velora-dex/sdk (npm)

Malicious npm package executing base64-decoded shell command to download and run stage-2 payload from C2 server 89.36.224.5 targeting macOS --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21a732dd2745098176d2c19fe3edb359db6f6690b5d14b8d49e8a00b61325311 The packa...

AI score: 5.7
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/04/01 9:10 a.m.•14 views

Malicious code in @logcore/pino-pretty-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a729cc1811bd1bc1fa94404ad4bcd8376c1a29b90311fd2a89efecff51fe592 The package @logcore/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...

AI score: 5.8
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/03/22 5:11 p.m.•14 views

Malicious code in @pypestream/floating-ui-dom (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c054f1bdbe451e796bb0623296f4240c654e72b4ef794089dad3428bfed98fd2 The package @pypestream/floating-ui-dom was found to contain malicious code. Source: ghsa-malware...

AI score: 5.8
Exploits: 0, References: 4
OSSF Malicious Packages
•added 2026/03/18 1:12 p.m.•14 views

Malicious code in technical-assignment (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bb4466031b35e68c6b2433674215383e95538391f583e01c1800c758a61c53b The package technical-assignment was found to contain malicious code...

AI score: 5.8
Exploits: 0
OSSF Malicious Packages
•added 2026/03/18 1:9 p.m.•14 views

Malicious code in shopify-ping-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65f10efaec7ccae41168b3bcbce9874ddfa9fb6d806c9e55029549efe82f9898 The package shopify-ping-web was found to contain malicious code...

AI score: 5.8
Exploits: 0
OSSF Malicious Packages
•added 2026/03/18 1:9 p.m.•14 views

Malicious code in shopify-admin-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2d9c5f86ae6bcf7ba61b04fdb9a3a1f5972c1b157323851a1d47fed29486ae0 The package shopify-admin-web was found to contain malicious code...

AI score: 5.8
Exploits: 0
OSSF Malicious Packages
•added 2026/03/18 1:4 p.m.•14 views

Malicious code in proleis-web-animations (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f74a5f037c0757513f368436996c6152eb542df054a16bd774b37d6c8970f84c The package proleis-web-animations was found to contain malicious code...

AI score: 5.8
Exploits: 0
OSSF Malicious Packages
•added 2026/03/18 12:10 p.m.•14 views

Malicious code in solnetwallet.net.core (NuGet)

--- -= Per source details. Do not edit below this line.=-...

AI score: 5.8
Exploits: 0
OSSF Malicious Packages
•added 2026/03/18 12:10 p.m.•14 views

Malicious code in solnetall.net (NuGet)

--- -= Per source details. Do not edit below this line.=-...

AI score: 5.8
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/03/16 12:0 a.m.•14 views

Malicious code in typescript-type-graphql (npm)

The package 'typescript-type-graphql' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

AI score: 5.5
Exploits: 0, References: 3
OSSF Malicious Packages
•added 2026/03/12 2:18 a.m.•14 views

Malicious code in praxis-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f147ac7e867b493ef159ddfdd294c57a1bfbbd8e502037178470c37345ca0628 The package praxis-scripts was found to contain malicious code. Source: ghsa-malware 9cf02a0374cd88b4ae46f34a484f0441ea2bfaf3c6799812ea6b4cf4e916cd0c...

AI score: 5.7
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/03/03 4:8 a.m.•14 views

Malicious code in xpack-per-device (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f3e144fc188f6f28820784883e158f5841d1276a3eb100db4c469e45439f415 The package xpack-per-device was found to contain malicious code. Source: ghsa-malware 40c08125e60c3d43432e40679e35d49bb3fc0b9d4a3df799c45b80999f1753...

AI score: 5.7
Exploits: 0, References: 2
OSSF Malicious Packages
•added 2026/03/02 2:27 a.m.•14 views

Malicious code in loadash-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8a6b55079998d38c9458ab6cae73e677bccc96d3965a9e6584e85c0450c2695 The package loadash-lint was found to contain malicious code. Source: ghsa-malware 9ad2a23ceb26c4b6ac051ac94acfa976eda403c11d9eaf9833d2b9206a5d2155 A...

AI score: 5.7
Exploits: 0, References: 1
OSSF Malicious Packages
•added 2026/03/01 5:14 p.m.•14 views

Malicious code in ng-vzbootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da191c637225627fd72d8ac07b5358e97dad12fa37eb8cd67aaff06686d5fbd6 The package ng-vzbootstrap was found to contain malicious code. Source: ghsa-malware 8e3edec659665a66e3b038b43eef43aa20405b14a4b4d47323636a8e3ae352aa...

AI score: 5.9
Exploits: 0, References: 1
Total number of security vulnerabilities: 5000