Lucene search
K
OssfMost viewed

226594 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/f2-wordcloud (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/ckb (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/d3-color (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/f2-site (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/event-emitter (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/github-config-cli (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/x6-plugin-export (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/attr (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/f2-algorithm (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/l7-three (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/f2 (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in ribbon.js (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.14 views

Malicious code in @antv/gi-assets-tugraph-analytics (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/18 2:14 p.m.14 views

Malicious code in @zentrafinance/contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 867d053632b3bcc143ed8f9f0f75a1dccdc210cede972e8006d698ef796793e5 The package @zentrafinance/contracts was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/18 10:6 a.m.14 views

Malicious code in pyenvprep (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 963727b60e7fa8536050eb0f4691dc8bec6089567630063305d05ddceb4834cd Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/18 9:10 a.m.14 views

Malicious code in safe-env-reader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad60c5cf4596544e0850900c3340d21c5fec76024a063c057b8b935b02366d4d The package safe-env-reader was found to contain malicious code. Source: ghsa-malware 8fc3e1ef0bee11b2c0e5cb99d3c821492232db6c715fd90cde09c74aa86b926...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/16 4:58 p.m.14 views

Malicious code in netping (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ecc862a2bc12e6779034a99abd68c5d4ffb047f1fc2ae94407dd9e4ad54df5cf The package silently downloads and installs an autostart script that then monitors clipboards and replaces copied cryptowallet adresses. --- Category: MALICIOU...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/16 3:36 a.m.14 views

Malicious code in apexomni-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24e9d6ad71ac3eb0c091e0d70625e7daec5ed0352e8b8a4ed2273f2563aafad9 The package apexomni-node was found to contain malicious code. Source: ghsa-malware 7412ab94dec4136827a9aaa0f414452c3bbf8f23b2ea6820b29a1b4e8cc156f5...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/15 10:43 a.m.14 views

Malicious code in json-pretty-logs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83ea0ffb681b10da082feb66c76e0db908a8ee31cd9b064edca6c41a90a38a87 The package json-pretty-logs was found to contain malicious code. Source: ghsa-malware b86537d3e254ff943b2ca179cb5501c1a02900d518482640d73d0a9892797a...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/15 10:43 a.m.14 views

Malicious code in babel-6-compatibility-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d77f7edebabddc5ea0e09c0b1df9b7277a2645a506618cad4e4ee0340db67efe The package babel-6-compatibility-utils was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/15 3:24 a.m.14 views

Malicious code in jatinangor-teleport-testing-zer0id (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 34c3a001b297d2dfcc37259733ff95ded758a3a89d63331422f239359c60edd2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:25 p.m.14 views

Malicious code in request-logger-canary (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf0d566d7abb400988aea74b00099a6db4c5ea928f32e7d44648193e21a36035 [email protected] ships a preinstall.js that, when npm install runs, opens a TCP socket to 52.74.242.200:8851 and pipes an interactive...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:25 p.m.14 views

Malicious code in glob-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 091b8ee02b80a8a3fda11c15a6d0b8f657b639100244a4398d046ded5854eb64 [email protected] is a malicious typosquat with no legitimate functionality. Its index.js is a stub; package.json declares scripts.postinstall: node...

5.8AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:24 p.m.14 views

Malicious code in env-threads (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfb511e0bf06367ec0341939aa68ee55859344c6ca6cb8d9f55f7e62cdcc8656 Package env-threads impersonates the legitimate dotenv package: its README, repository URL git://github.com/motdotla/dotenv.git, homepage, descriptio...

6.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 4:53 p.m.14 views

Malicious code in node-ipc (npm)

Three versions of node-ipc 9.1.6, 9.2.3, 12.0.1 were published to npm on May 14, 2026 by a compromised maintainer account atiertant. Each version contains an identical 80KB obfuscated payload appended to node-ipc.cjs that steals over 100 categories of sensitive files SSH keys, cloud provider...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 3:49 p.m.14 views

Malicious code in viem-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe6492eec3b776a8654ae561b2f6d53c1a02ab00186b7dc5c8c72fb613c4e901 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 4:39 p.m.14 views

Malicious code in chia-network (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c7439a1ad4a50c3852597bd31aaf7a3f15c53c2cb9f124b9b350e55517b5f592 The OpenSSF Package Analysis project identified 'chia-network' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 3:25 p.m.14 views

Malicious code in py-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2bd2bd26870d2cf5df73c69bca7ed9088604eccf44727e4c59f0301cc8ccd35a Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 4:27 a.m.14 views

Malicious code in @dropout-ai/runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2121b923a39177ed68ce5cf066cbb07891b7cb5d20ecf5ec66f2c953634eff10 On require/import, src/index.js replaces global.fetch with a wrapper that intercepts every fetch whose URL matches openai.com, anthropic.com,...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 3:14 a.m.14 views

Malicious code in intercom-php (Packagist)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 0bd33abd6fda35e856f8346fda5e85913ce2cad6b4d6c315a2e7138b867760aa This package is malicious and was compromised as part of the Mini Shai-Hulud campaign by the TeamPCP threat actor. The malicious payload...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 3:9 a.m.14 views

Malicious code in github.com/BufferZoneCorp/go-metrics-sdk (Go)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 3:9 a.m.14 views

Malicious code in github.com/BufferZoneCorp/go-weather-sdk (Go)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 3:9 a.m.14 views

Malicious code in knot-rack-session-store (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 12:0 a.m.14 views

Malicious code in iceberg-javascript (npm)

Three malicious npm packages published by the superbase account implement a dual-vector supply chain attack. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at .claude/settings and a companion .claude/settings.json that registers the binary as a Claude Code SessionStart hoo...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 12:0 a.m.14 views

Malicious code in ms-graph-types (npm)

Two malicious npm packages published by the micresoft account typosquatting "microsoft" are part of a coordinated supply chain attack sharing identical infrastructure with packages published by the superbase account. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 6:0 p.m.14 views

Malicious code in @a91082900/test_package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8349cd7ce2c9ac2321dce8f80e5a46c0064b382fb7e54e975ff27a2dcab1254 The package's main file index.js executes at module load, with no exports and no user-invoked API. On import it issues...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 11:39 a.m.14 views

Malicious code in kaggle-runner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dcd49ca70b987b236ba4341d839addfec9afb344e1471195f2f825281092f71 kagglerunner/coordinator.py embeds a bash reverse-shell template rvsstr that connects to vtool.duckdns.org:23454 via ncat with retry/backoff plus a...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 11:23 a.m.14 views

Malicious code in justenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b391e2932f5ed4a24b376c4c9ac84c98b88764799b6ddccdc68e19964346228 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:44 a.m.14 views

Malicious code in 0xegg2024 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86f32380998652e4d6d7b70da165cff6d669a4c6a6d9297da2a137071abf6317 Tea.yaml token farming campaign...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:43 a.m.14 views

Malicious code in pirxcypackage (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5de481a31a831804a096bf6cf87157c0b0ee158aa7306c95080447764f9f7540 PirxcyPackage/init.py fetches https://pastebin.com/raw/91tFF63S and passes the response body to exec on every import. This is a textbook...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:42 a.m.14 views

Malicious code in @2oolkit/hyperliquid-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3af30011dcf54950f270463028270d732fce20b5cd5da44342a0748922e6df The package is advertised as a neutral CLI/MCP wrapper for Hyperliquid, but its distributed code silently routes value from the installer to an...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:42 a.m.14 views

Malicious code in enhancer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cefeea627aa1a0cc84aeedff1db0ae88ebf61b233bb9b20fa82b0a5fd0737cbf The distribution is published as enhancer but installs modules under the top-level safety namespace setup.py declares namespacepackages='safety' and...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:42 a.m.14 views

Malicious code in @chahuadev/junk-sweeper-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d446150767f92344d8d0a699f5879bd746200fb8beb60554408699868f03d51 The package's postinstall script package.json line 10: "postinstall": "node install.js" unconditionally fetches a platform-native executable from...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:42 a.m.14 views

Malicious code in 11j (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ad371791d84a3c28ca12b62bae45a07567847b7df025c93611f8f504a1c869 the analysis identified unambiguous malicious behavior in log.js the package main: an IIFE executes on require/import that monkey-patches...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 6:10 a.m.14 views

Malicious code in housecallpro (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6e95d04cb7977b9da45686f61f19767b33fb3e4fd1af5081b1a27acfd9ee9337 The OpenSSF Package Analysis project identified 'housecallpro' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.14 views

Malicious code in @mesadev/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.14 views

Malicious code in @mesadev/saguaro (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.14 views

Malicious code in guardrails-ai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.14 views

Malicious code in ml-toolkit-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.14 views

Malicious code in @draftlab/auth-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
Total number of security vulnerabilities5000