Lucene search
K
OssfMost viewed

226596 matches found

OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/13 12:0 a.m.•14 views

Malicious code in iceberg-javascript (npm)

Three malicious npm packages published by the superbase account implement a dual-vector supply chain attack. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at .claude/settings and a companion .claude/settings.json that registers the binary as a Claude Code SessionStart hoo...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/13 12:0 a.m.•14 views

Malicious code in ms-graph-types (npm)

Two malicious npm packages published by the micresoft account typosquatting "microsoft" are part of a coordinated supply chain attack sharing identical infrastructure with packages published by the superbase account. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 6:0 p.m.•14 views

Malicious code in @a91082900/test_package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8349cd7ce2c9ac2321dce8f80e5a46c0064b382fb7e54e975ff27a2dcab1254 The package's main file index.js executes at module load, with no exports and no user-invoked API. On import it issues...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 11:39 a.m.•14 views

Malicious code in kaggle-runner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dcd49ca70b987b236ba4341d839addfec9afb344e1471195f2f825281092f71 kagglerunner/coordinator.py embeds a bash reverse-shell template rvsstr that connects to vtool.duckdns.org:23454 via ncat with retry/backoff plus a...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 11:23 a.m.•14 views

Malicious code in justenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b391e2932f5ed4a24b376c4c9ac84c98b88764799b6ddccdc68e19964346228 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 7:44 a.m.•14 views

Malicious code in 0xegg2024 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86f32380998652e4d6d7b70da165cff6d669a4c6a6d9297da2a137071abf6317 Tea.yaml token farming campaign...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 7:43 a.m.•14 views

Malicious code in pirxcypackage (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5de481a31a831804a096bf6cf87157c0b0ee158aa7306c95080447764f9f7540 PirxcyPackage/init.py fetches https://pastebin.com/raw/91tFF63S and passes the response body to exec on every import. This is a textbook...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 7:42 a.m.•14 views

Malicious code in @2oolkit/hyperliquid-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3af30011dcf54950f270463028270d732fce20b5cd5da44342a0748922e6df The package is advertised as a neutral CLI/MCP wrapper for Hyperliquid, but its distributed code silently routes value from the installer to an...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 7:42 a.m.•14 views

Malicious code in enhancer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cefeea627aa1a0cc84aeedff1db0ae88ebf61b233bb9b20fa82b0a5fd0737cbf The distribution is published as enhancer but installs modules under the top-level safety namespace setup.py declares namespacepackages='safety' and...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 7:42 a.m.•14 views

Malicious code in @chahuadev/junk-sweeper-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d446150767f92344d8d0a699f5879bd746200fb8beb60554408699868f03d51 The package's postinstall script package.json line 10: "postinstall": "node install.js" unconditionally fetches a platform-native executable from...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 7:42 a.m.•14 views

Malicious code in 11j (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ad371791d84a3c28ca12b62bae45a07567847b7df025c93611f8f504a1c869 the analysis identified unambiguous malicious behavior in log.js the package main: an IIFE executes on require/import that monkey-patches...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 6:10 a.m.•14 views

Malicious code in housecallpro (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6e95d04cb7977b9da45686f61f19767b33fb3e4fd1af5081b1a27acfd9ee9337 The OpenSSF Package Analysis project identified 'housecallpro' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in @mesadev/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in guardrails-ai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in ml-toolkit-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 5:49 a.m.•14 views

Malicious code in @draftlab/auth-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 3:26 a.m.•14 views

Malicious code in @uipath/apollo-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 235b3abc1afad9d8a47430183286bbef61e16f74be20b29c7d967a8d528ecdf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 2:21 a.m.•14 views

Malicious code in @tallyui/theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 34578fa5c77db2b21dd15d3357fc2b7c4d36a2ce4d1d44f86daa5c04561d662c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 12:59 a.m.•14 views

Malicious code in git-branch-selector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dab170d586455af0816362e715de0907ddaa19adb87c68ef59255139322dde69 The package git-branch-selector was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 12:26 a.m.•14 views

Malicious code in @squawk/navaid-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 966263f7b58fca4470e282294f432c7c78d25b154b3c6daf6580d2b426a5e004 The package @squawk/navaid-data was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 12:24 a.m.•14 views

Malicious code in @squawk/airports (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01fabaad6adcf6ba78ba71fb750d70c8e3f3a1e524a75a6b8bf8ddc7769ac5b0 The package @squawk/airports was found to contain malicious code. Source: ghsa-malware f8adf8853b03c99d84b919062f8c688b4bfb42f72cc9de33299fe3e3f9a2b9...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 12:22 a.m.•14 views

Malicious code in @tanstack/router-vite-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59c369975f931e9f8a4ca499e887c2ec41f7d1dbfcdcb83fa9e6ec9717ea4910 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 12:21 a.m.•14 views

Malicious code in @tanstack/router-ssr-query-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 388949e6add086eda74454a083d7f720fe77716c9c3f18746ba90206a5ebbab5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 12:17 a.m.•14 views

Malicious code in cross-stitch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfe06155444d60d3774a256051b31f6a4814f484f33830cbe61eec7ebe611be6 The package cross-stitch was found to contain malicious code. Source: ghsa-malware 7c23bb77e762be76915e8202d11074aaa122efe0a8a32e403fa00ee8563c9bbe A...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/12 12:1 a.m.•14 views

Malicious code in @tanstack/start-storage-context (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7021ac6b47d0f973f936ca9d15cd26f43a01b1151ce691ec8b10be5001be2bb This version of @tanstack/start-storage-context belongs to the @tanstack/ package family that was compromised via CI cache poisoning, with 42 package...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/11 12:0 a.m.•14 views

Malicious code in briantreehttp (npm)

briantreehttp is a typosquatting package impersonating braintreehttp, the HTTP client library published by Braintree/PayPal. The package bundles the legitimate library source to appear functional while hiding a credential-theft payload in index1.js, which is executed at install time via the...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/09 5:34 p.m.•14 views

Malicious code in ggfmttygl-new (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2098233a75602dd1779f720f566420f4a88ec77694b206e7858323b5aeea38d5 Package is disguised as a utility, but in fact loads encrypted code as modules. However, loading it requires knowing the decryption key which is not included i...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/08 7:19 a.m.•14 views

Malicious code in crypto-kit-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b3c7b3526469db1bb04a5875cfcb3a1e41fe3f9c697b6d63e497a15d1177cb1b The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/04 3:2 a.m.•14 views

Malicious code in @google-pay-trust/start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16feef8620dbb1f3b6c7c6c67f9f7883438f368a3bfd2c2c591d7f30467e67c4 The package @google-pay-trust/start was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/03 12:32 p.m.•14 views

Malicious code in win-update-helper-tool-v2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 251972769752a77d15c86627fe078560c49ce79a47bcc4542128386eb5362342 If run as a module, the code runs code to silently control the device via Telegram bot execute commands, exfiltrate files. --- Category: MALICIOUS - The campai...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/05/01 10:14 p.m.•14 views

Malicious code in oracle-lag-sniper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 052e2309a320b056b5a959c33b703d819b1fa2ce9b2647d250bc612d25bae9c9 When using the package, it exfiltrates sensitive environmental variables targeting Polymarket keys to the target controlled via a Polymarket's user profile. Th...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/27 2:15 p.m.•14 views

Malicious code in @business_promocode/cancel_promocode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 002798d60b98859a68bc9daf0ebaf7794b8d83973b69fb4c8bfe9979f685e51d The package @businesspromocode/cancelpromocode was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/26 5:35 p.m.•14 views

Malicious code in @clearpool/comms (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f79c0a598ffe54e6eba22b90afd0c9bbb902c3086178c2ea2a9227e002e399d The package @clearpool/comms was found to contain malicious code. Source: ghsa-malware aac3d8fce06f495311a581ee9a8f6acf42b7ea35162b9a3387ad6040adfef4...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/25 2:32 p.m.•14 views

Malicious code in promptflow-runtime (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5b42466489944454bbab304af3aa9869e3f0483cafc76b4da896f6512bb4c627 During import, package collects basic information about the system, performs deep fingerprinting, and reports the data to the remote target. The package...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/22 1:59 p.m.•14 views

Malicious code in @openwebconcept/theme-owc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba9da7f58491c9c4715c34da32da8f4a9d1519075412a9be534d19e6e07466e2 The package @openwebconcept/theme-owc was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/22 1:51 p.m.•14 views

Malicious code in pgserve (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c48b943e993f7a62fe43ad9c5412ad1750fd3d5a8cd5214988b16caf78f4a06d The package pgserve was found to contain malicious code. Source: ghsa-malware 3eb07d42183ec3a63a62edc4353d8dbaa85afd8c1830fa5b6ef2617fb5a2b3e0 Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/17 6:19 a.m.•14 views

Malicious code in paddle-internal-scripts (npm)

Malicious package due to sensitive data exfiltration via obfuscated preinstall script. Few published versions increase suspicion. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eae655788b800d689464263a26d904ccb45fe4aa65b61422a51325008aff3003 The package...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/16 2:3 p.m.•14 views

Malicious code in emergentintegrations (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fce023cdc4fa1509dbc8512d9b3728d4f5944941a522f63b94ef27b764ee4fbd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/15 10:5 p.m.•14 views

Malicious code in trackora-node (npm)

trackora-node is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/13 3:25 p.m.•14 views

Malicious code in ih-icon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e7f19afb6ffd57012c61c6bef2ce8ad4238f192cac0679e216684a37ec672e The package ih-icon was found to contain malicious code. Source: ghsa-malware c7182707ae8272b3af4376c3dfec66a3b574b8c86217bf3b7c705d94dfb84b63 Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/04/07 7:23 p.m.•14 views

Malicious code in @velora-dex/sdk (npm)

Malicious npm package executing base64-decoded shell command to download and run stage-2 payload from C2 server 89.36.224.5 targeting macOS --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21a732dd2745098176d2c19fe3edb359db6f6690b5d14b8d49e8a00b61325311 The packa...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/22 5:11 p.m.•14 views

Malicious code in @pypestream/floating-ui-dom (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c054f1bdbe451e796bb0623296f4240c654e72b4ef794089dad3428bfed98fd2 The package @pypestream/floating-ui-dom was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 1:13 p.m.•14 views

Malicious code in ui-core_mal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c66ea54316ebd799590186156adab4ff03ad3108487b4c5c48192924efcd60a The package ui-coremal was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 1:13 p.m.•14 views

Malicious code in tss12111 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5555634991a4c64a764e555ae6b0c69b17ebdedc0c581f558eff46d2fef417d1 The package tss12111 was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 1:12 p.m.•14 views

Malicious code in technical-assignment (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bb4466031b35e68c6b2433674215383e95538391f583e01c1800c758a61c53b The package technical-assignment was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 1:9 p.m.•14 views

Malicious code in signalk-poc-bug (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf69e2f2bf99c9fcd93e12139a947e034130e9f90b30def5cf03d008c3f40330 The package signalk-poc-bug was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 1:9 p.m.•14 views

Malicious code in shopify-ping-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65f10efaec7ccae41168b3bcbce9874ddfa9fb6d806c9e55029549efe82f9898 The package shopify-ping-web was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 1:4 p.m.•14 views

Malicious code in proleis-web-gallery (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9085cc1fa561c63217713c781ed745f8e6d4c34e5997413299b06aa2d6047dc1 The package proleis-web-gallery was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 1:4 p.m.•14 views

Malicious code in proleis-web-animations (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f74a5f037c0757513f368436996c6152eb542df054a16bd774b37d6c8970f84c The package proleis-web-animations was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
•added 2026/03/18 12:10 p.m.•14 views

Malicious code in solnetwallet.net.core (NuGet)

--- -= Per source details. Do not edit below this line.=-...

5.8AI score
Exploits0
Total number of security vulnerabilities5000