Malicious code in dev-pipline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 20dee9221f632983ab927b06c661fda3edf9bea9f5369620acdea3631511876a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in json-mapping-sources (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77824e69a815d8ac27a50bb52fa0a39fe2c7e512e6597d3aefd500b0eae847e8 The package json-mapping-sources was found to contain malicious code. Source: ghsa-malware...

Malicious code in ctf-pipline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 083eedb7c9187410d3470ab27415ee2e6a7683ef92bafce123198ce9882e07a4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in @skyeng/libs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4b92505d9c0107026c2298d6ec8da504657990b61e40754b62b2cb8e1bd5a0b The package @skyeng/libs was found to contain malicious code. Source: ghsa-malware b4801b107979e502d4889dc729885a390ebfc2db995cd1b2fd23d27e09613a1b A...

Malicious code in carcent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6672d1df7a6035da8ee0a2c7a4ed9e7e5bace551e5948fd2e7d7d31a18410a1c Package collects and exfiltrates Discord credentials from multiple sources --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Malicious code in @rsgweb/modules-core-feedback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c68d1fafad6a94ebe843e20901dd8e5251d0b27b963d07e71ecefbd16c7465 The package @rsgweb/modules-core-feedback was found to contain malicious code. Source: ghsa-malware...

Malicious code in @rsgweb/rockstar-account (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd40e663999d2780e2e131fd5da090045d623032e6c51db70d0bd65cf583101d The package @rsgweb/rockstar-account was found to contain malicious code. Source: ghsa-malware...

Malicious code in @rdxportal/ui-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6715dad49a0781dc55e72ae77bd13276de1564d08cfd1c0a3c3aebf37b72acc The package @rdxportal/ui-components was found to contain malicious code. Source: ghsa-malware...

Malicious code in @hashicorp-internal/vault-reporting (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85e2c508de22734977cac24ec430b5cfece85e6367f577df76caa740b5594eb7 The package @hashicorp-internal/vault-reporting was found to contain malicious code. Source: ghsa-malware...

Malicious code in p7zip-full (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 af6725a21a64c36ce8e101fd062bb45cb87fdb8cb62df47538390c6c1fc4323c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in ppe-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1914d3cfcb631f551660417c0441d7e6eb3929ee6c4cadd6088e551462ead553 The package ppe-test was found to contain malicious code...

Malicious code in ac-dom-nodes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b323cec1a59645d9dcb2c0951a0f7d31b362ac58e4f930306a940ed67037b20d The package ac-dom-nodes was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in ac-polyfills (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a7d9d049932519bded5d12b8627523ef63dac69179b1ce873cf4cd8b7fe6849 The package ac-polyfills was found to contain malicious code...

Malicious code in test-npm-style (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38db992411a56d07cbda15c79d3428dddd769488313604ade2606f11da3e6e4c The package test-npm-style was found to contain malicious code. Source: ghsa-malware d89c00ba3209ce1a4f9ffd6f70034eacdb716fcd4d36b0a7f51bca6ad53b9392...

Malicious code in pipelinepoision-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 30985e20ed386fc211690f5618db078ae8c782039fcc36d1109955b74c3251ff Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in conp-dats-editor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adac2b3e811707a0113ec1484330ebada12a632966c81143eab49233e87cabbf The package conp-dats-editor was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @jes4l/react-pkg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbda4aa24c8a13be0d237b206780fc2feb5778e65cebf430e2124e49a390cdde The package @jes4l/react-pkg was found to contain malicious code. Source: ghsa-malware 2bd5520cca8e57269ded7f69993dc5257f9085a6706d01d7bc60b17ec80534...

Malicious code in locate-path_updated (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f73581936729923d61e5195115627693c9929bc048b9900da7dee76db9b6b37b The package locate-pathupdated was found to contain malicious code. Source: ghsa-malware...

Malicious code in @purecore/rabbitmq (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e503973dbf2c860017e4ea8118ddec5cd43a537c32eb8fca24ac544a86d8822 The package @purecore/rabbitmq was found to contain malicious code. Source: ghsa-malware...

Malicious code in react-count-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bf23710693921f6b69d38cf0abd8fa7ce2f181bfa2df9fa9777f59e0e4954e7 The package react-count-sync was found to contain malicious code. Source: ghsa-malware 9a44b72820f2af0bcbd60f65787e0707617e4f7428aa2c9407bec9f8decb07...

Malicious code in remark-gfm-v4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eb645996981f1453b9049a0d97b6f0b6c7ff4cadc29d4ccddd7f48cd65cbb21 The package remark-gfm-v4 was found to contain malicious code. Source: ghsa-malware 10eecf76003bd92639bb172deaa68448c44a5899c772fdcce927765011d807eb...

Malicious code in tailwindcss-forms-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c160bdf4857d48ea8df8ddf468e5a63432a60ced853eff31cbc5093966a044f The package tailwindcss-forms-kit was found to contain malicious code. Source: ghsa-malware...

Malicious code in graphrix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 999c8394a8d5c821b17e5e5574f8d881c1281de19cc1df8af7f5dc82efe8a57f The package graphrix was found to contain malicious code. Source: ghsa-malware 88b6625fcbb125b7b3432974b307d94dfbe798496eb8285a739807f9d4b413a2 Any...

Malicious code in strengthifys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26bf8b635060e35c2ba0f361186f8c6bb35d9a462ce69102a68bd12e55a6563a The package strengthifys was found to contain malicious code. Source: ghsa-malware 906876be89627ae4a5964998517da35bbfa92d6e427e4feed9b49bad03ac904e A...

Malicious code in transform-exponentiation-operator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1b79481ce559cb600cfe4b2897847eb06d38b5cbe4ef456339cbbac7b240e60 The package transform-exponentiation-operator was found to contain malicious code. Source: ghsa-malware...

Malicious code in typescript-react-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54ad53847415b01595a09cd7ec959129e610fe93b14b7f3ea880816bee2c8e97 The package typescript-react-apollo was found to contain malicious code. Source: ghsa-malware...

Malicious code in react-dnd-legacy-html5-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d549162491e3ef2900daafc0bb49291caef1538d4406a75ec4b80e12ac18fc26 The package react-dnd-legacy-html5-backend was found to contain malicious code. Source: ghsa-malware...

Malicious code in pipeline-poision-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9de6153f538cb8ccedf00f0f944128afb45f14522913cf398754fc4021f47e3e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in launchdarkly-cpp-networking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6c4fb76fdf3a3ab10ddc884a1fcc11f57ef3b0e44df500c5f2881f40cec0b20 The package launchdarkly-cpp-networking was found to contain malicious code. Source: ghsa-malware...

Malicious code in genvia-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 daedaaf2f945a1cc86a93f479d8284153533d387ddd7b00418991a7998a37e11 During installation, the package attempts to exfiltrate specific sensitive environment variables. --- Category: MALICIOUS - The campaign has clearly malicious...

Malicious code in roots-cms-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9670a58bdf8573b9c7d94a74cf58593a55692bfcf33d931693680389b981f89c The package roots-cms-client was found to contain malicious code. Source: ghsa-malware 88007d193d64ac8d7a2a970903353601b1f620a48f22c3cd3c7a838da0cce4...

Malicious code in mbo-letters-cl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d367723532d1a3f90f88a1d23230230dafb47b5f26a68af29aafda36084f5417 The package mbo-letters-cl was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in ezviz-shop-mall (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e8fa924e1aabab970bfb7f4b014f4f210acc59d591128c45fb41c33e1e8f8c3 The package ezviz-shop-mall was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in banquet-runtime-modules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 236dee5bac395a6446685322fb3dadb454e4b7f7d43a132111a8392721fed206 The package banquet-runtime-modules was found to contain malicious code. Source: ghsa-malware...

Malicious code in securedrop-workstation-dom0-config (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a496fb67ea100acce3d945e16e2d50d6d3181a322017f80cdf8c01006a49aade Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in jwt-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4102b59becb214e216d479ce014231e41dd264560b48ef7750c7006a3c86e7d6 The package jwt-pack was found to contain malicious code. Source: ghsa-malware c16aba10441aad949bd96fd2a349f2f59d62bf56708394fd925b432c57e2c91b Any...

Malicious code in morty-package (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d87e4d2c5f3096d67a98e166e70ed6d4288c7d7554852e8d14bb60213f9a574b Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

Malicious code in lvldragdrop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58ce81a159192ad7b893014354e6d4e99dd61e918b75bf4a1c2e787d3373aa26 The package lvldragdrop was found to contain malicious code. Source: ghsa-malware 78a2a28643bce407d3eb1ba2f9524eb15c5bdf4879ffb0cc93e0ccef865fab26 An...

Malicious code in chai-async-tests (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fe54f3f00b12c9b57fd672be7ddbe4a46342c24fe308c31f31c6156ae436d8b The package chai-async-tests was found to contain malicious code. Source: ghsa-malware 4303ac7ff339f51dfbc53ed8c70cd02a76123b62e0448bca935128fd313ab3...

Malicious code in chai-px (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfeac68ac3a89859c0a6c38e5d55e4e2e9b9ffa77476a10cdc1d31de070bea68 The package chai-px was found to contain malicious code. Source: ghsa-malware 708ec6326dbafd483773c64035513b5cd8be0a0842c3d44d92af9eee01408b8a Any...

Malicious code in teslaone (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abb43567bb439e05bc83e1c5606aea8567e811514d05c3fa914204631fc8d762 The package teslaone was found to contain malicious code. Source: ghsa-malware fdac9959b37ff7705cf813ced160feeae858ef6da9e1ec58b3d0f33f0ceda520 Any...

Malicious code in transform-vue-jsx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e223730f37f6e4ebbb935ce737076e8e48e23db4fb9f8d280cc9f93a6cf2193 The package transform-vue-jsx was found to contain malicious code. Source: ghsa-malware...

Malicious code in pino-debugger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7133bd631bca4144933e87ca536afdde9683d259d48d0214ed53581cf41584ee The package pino-debugger was found to contain malicious code. Source: ghsa-malware 94f20503a24b5da686e72147cd518873a372a8fe87f409e470e7b5c7ffbec055...

Malicious code in syntax-async-functions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d14dae07d53bcd3b3da9693bf5facb7518fafafe8cc2c54d93cd59ec7a28f1 The package syntax-async-functions was found to contain malicious code. Source: ghsa-malware...

Malicious code in blockchain-helper-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c11700a2d24dc725d693b0942598bae18970721cbb482671f43c005800569e42 The package blockchain-helper-lib was found to contain malicious code. Source: ghsa-malware...

Malicious code in stylus.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da337331b168fe53efb22dcc1d3a935e35010e59a40d5d222ee18aa89fe82e42 The package stylus.js was found to contain malicious code. Source: ghsa-malware 228752dfb0c639ecaabfe0fc0189046c016a56e66ffae8ebb59eaeb675d9d935 Any...

Malicious code in fileupload-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cfeee070d9e37cd2dda0d7557f93098e1589be17d77ff38abf265f564574ca3 The package fileupload-core was found to contain malicious code. Source: ghsa-malware aa58dfc19074922a9db4713e1aa1c17edc8de5a937d01a5c08271d4940bcc38...

Malicious code in radishwxm5 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4cbabb01d98bcad5705b98f5aac22b9d8f53e8c97e2fe5ab8bca66661e6c0644 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in braintree-web-latest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72db908797ea8aa5f2c1c6d89356499ed46b677379648156e795ee3049b24b20 The package braintree-web-latest was found to contain malicious code. Source: ghsa-malware...

Malicious code in overstock-component-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 387cbf7de757b1668d6c0f2c9f81f9beab4f35af6f362c2ee434509070af2e34 The package overstock-component-library was found to contain malicious code. Source: ghsa-malware...