Lucene search
K
OssfMost viewed

226481 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 10:2 p.m.18 views

Malicious code in private-next-instrumentation-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6453af923aa8f8a1c7ab67406fc29c333830e59f44ea080bbb5c3c6727e0aef2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 12:0 a.m.18 views

Malicious code in @capibar.chat/ui-kit (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/solutions (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/virtual-machines (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/key-manager (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/support (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/cloud-dns (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/event-bus (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/opensearch (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @mlspace/env-gitlab (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/svp-images (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/iam (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/cp-api-gw (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.18 views

Malicious code in @cloudplatform-single-spa/ml-finetuning (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/26 9:10 a.m.18 views

Malicious code in massive (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02d8dea3e47a2bd45fc796f33fc582956aec2be887add9672fd5eccc91c2135d Package self-describes as the 'Official Massive formerly Polygon.io REST and Websocket client,' a false rebrand claim — Polygon.io has not changed...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/26 7:16 a.m.18 views

Malicious code in test-nonmal-pkg-5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f52d81c9285fd103cfe5f8dc724c173c1b4e57e96cd56313cec119fbbbc9982 index.js is hex-name-obfuscated 0x-style string array and, on require, enumerates the entire process.env via Object.keysprocess.env into a snapshot...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 9:5 a.m.18 views

Malicious code in jules-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68192c93adffde34c344bbc8448fe604a749ba448c9fd982f6ba9f8564ff4705 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/24 4:4 p.m.18 views

Malicious code in class-blend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3876854a76bda6892f76b9b44c67e066bfc6315a7e3d27431137727ff0ee728 The package advertises itself as a clsx/twMerge-style class-name merging utility, but the exported applyGlobalStylespalette, accents function contain...

5.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 12:0 a.m.18 views

Malicious code in wallet-security-checker (npm)

A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...

5.8AI score
Exploits0References14
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 5:0 a.m.18 views

Malicious code in @openclaw-cn/cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808f63e2460f19f5e3d3bd28745eaeb5f17a47226ad02c681e11069cd632765d The package @openclaw-cn/cli was found to contain malicious code. Source: ghsa-malware d44ce935cfbfa6f605998045f46eaa7a822658868ff8d774097bf02185e78a...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.18 views

Malicious code in @antv/x6-vue-shape (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.18 views

Malicious code in @antv/x6-vue3-shape (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.18 views

Malicious code in @antv/x6-react-components (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.18 views

Malicious code in @antv/webgpu-graph (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 12:0 a.m.18 views

Malicious code in @antv/x6-common (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/17 1:43 a.m.18 views

Malicious code in citrea-bridge (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23fdd6beb009e7afba647c12314e567a8c1bc2be715524724645820fc6239852 The package citrea-bridge was found to contain malicious code. Source: ghsa-malware abffe603b7967ca2d5e19b9daed6989d966c78d638b7367a926ef2d9fa9e6997...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 4:32 p.m.18 views

Malicious code in workingitmehelpit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e553fe0eea72dc43eab2696330acd6fbb3e4de8c95529eab6298411620c0c9f Package installs malware identified as a backdoor or reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 3:24 p.m.18 views

Malicious code in rich-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cc191d72f2f92d966897d0f635b53afecd9a62e8b63de13fff125a00377fcb63 Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 2:46 a.m.18 views

Malicious code in @design-system-coopeuch/web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a871445c3913d747a2f1383bcfdac02d6dec26ddb2053260340284cf4ee02233 Package @design-system-coopeuch/[email protected] is a dependency-confusion squat of an internal-looking scope, published at an inflated 999.x version to...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 6:50 p.m.18 views

Malicious code in katal-platform-versions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8dc8f21e750df73dfe46bbeba3bcfac8e88308adddf33680ce9751e7a1fec4af The OpenSSF Package Analysis project identified 'katal-platform-versions' @ 99.99.99 npm as malicious. It is considered malicious because: - The...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.18 views

Malicious code in mistralai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.18 views

Malicious code in @ml-toolkit-ts/xgboost (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/11 11:39 p.m.18 views

Malicious code in @tanstack/history (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d40d7bafa18dd8987c0ee75b8ffccfc7db076f4521961472d0830ef93a03994e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/08 7:38 a.m.18 views

Malicious code in justinleaguekems (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 039b35e6547b64dd3e28ba9e178b9716447f88d6bd9558766c9ffe8850262d99 Package exfiltrates screenshots and network information to a hardcoded target. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/04 9:10 p.m.18 views

Malicious code in rogiant-quick-install (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 efdebb03bb05b0da602f813ad321bbc81c658ac1bec059a5a7fa73fed277a53b During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/18 5:18 p.m.18 views

Malicious code in @source-row/source-container (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef1f8f064936d70cf38ce81e5a991bd0514ea059213b17683bf77edfb8cba45b The package @source-row/source-container was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 6:37 p.m.18 views

Malicious code in forge-jsx (npm)

forge-jsx is a malicious npm package that impersonates an Autodesk Forge SDK. It was published as a fully-formed RAT from its first version on April 7, 2026. Installing the package on any non-CI machine deploys a persistent background agent that captures all keystrokes, monitors clipboard content...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/31 2:7 a.m.18 views

Malicious code in plain-crypto-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f18d90df82216aedaaeca02607816457cfe0df4bc89bf292a4d7f3549e912d8c The package plain-crypto-js was found to contain malicious code. Source: ghsa-malware 4dfdc3dd18fb6fe824f34c663d26a2f7225e65a4b858a6f3ed6620a7a725c86...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 12:28 p.m.18 views

Malicious code in @inter-ikea-gallery/integration (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41711fef02809de5ee632f210cfe1102fe06ee4273743b408ec9ae92d7cb9277 The package @inter-ikea-gallery/integration was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/12 2:2 a.m.18 views

Malicious code in immer-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bc0710eb5a0ad9d9eb01cbd2d6f7c1b9cc39b07636d82a05f2cafdf953756bd The package immer-js was found to contain malicious code. Source: ghsa-malware 920c7d161c9e90ea35c168d53dd01e0920704e5f35e76d330fac6fb3c0a2cb87 Any...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.18 views

Malicious code in @voiceflow/slate-serializer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb7716bab0bde17a29c041cd61a934d39d4717019743671e8d6164fd166c0bdc The package @voiceflow/slate-serializer was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.18 views

Malicious code in omega-fast-xi-node-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d063debca30b371ad751d91f206fbcace60cac8a3409db0989f84de55d1cdb87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 3:36 a.m.17 views

Malicious code in llm-traces-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0916c8694f396dfa0947df6e3b3d3966839a6e02d4a4f5b84f698787c446bdc On npm install, the package's preinstall lifecycle hook runs node index.js, which collects host identity os.hostname, os.userInfo, homedir, DNS...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:0 a.m.17 views

Malicious code in @mastra/playground-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a1183fddcc1c7e3be311a4e6fb47609f1b770087fdae294cba960c154845cf6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.17 views

Malicious code in npm-sandbox-ping-c8f2a (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5401a81d56283c310efebfe29af19c3e3fa331667f40adeed71a54627adc877 Package declares a postinstall hook "postinstall": "node run.js" in package.json that executes on every install. Bundled scripts beacon6.js and...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.17 views

Malicious code in npm-sandbox-research-8b2f (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 916280d3906e0f04caa7f46135039e4a42b03a5c96091c1555ad2ab0e86b923b On install, package.json runs postinstall: node run.js, which loads beacon scripts beacon8.js, beaconlinux.js that import childprocess, os, and http,...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.17 views

Malicious code in npm-sandbox-research-d7e8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ff31cbf7e2e36cef422933472638912cd6ee6652ece9b03d11faa98b70d13e9 Package declares a postinstall lifecycle hook "postinstall": "node run.js" that auto-executes on install. The package ships beacon scripts beacon12.j...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.17 views

Malicious code in npm-sandbox-research-g3h4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e119a878730c42d27b9ec21adae1cbc6e044f1d6703c152010b5261647f1a3a On install, package.json's postinstall hook executes run.js. The package ships beacon15.js and beaconlinux.js, which import childprocess, os, and htt...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:30 a.m.17 views

Malicious code in npm-sandbox-research-9c4e (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24c86d7d2179375f642423fc8c38f58f5740b543bacab149ba8d4cbdcd7dc4cf On install, package.json runs node run.js via a postinstall lifecycle hook. The package ships beacon scripts beacon9.js, beaconlinux.js that import...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 1:55 a.m.17 views

Malicious code in easyaillm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6268f175708584b9c3de408c80de3dc1162f4d1ddedb1ce6201b90f409b0dea On pip install easyaillm, setup.py runs execbase64.b64decode... which decodes to code that fetches https://pastebin.com/raw/hEF5HaFc, treats the...

6.1AI score
Exploits0References6
Total number of security vulnerabilities5000