225893 matches found
Malicious code in system-integration-toxi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 096a1a342309a85666ad92b45da1da18ca808e16c93819a3122b2c6bbc2a15d6 During importing the module, code downloads and executes a remote script. During the analysis of this package, the code was a placeholder, but the package is...
Malicious code in instascan-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 94d76fe0beb67ab3d875d659dac44b4650be6b8f5bbb4b43635c0fc2fa7b4af9 The package contains a module prepared to collect and exfiltrate user's files. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in overstock-jenkins (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da8c5441a7b9b1ad7193650b05275dc85626691e1fa1f04bb0f21783fa75673c The package overstock-jenkins was found to contain malicious code. Source: ghsa-malware...
Malicious code in hemi-btc-staking-actions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b19073a10f9ea03f132e59a88b1c0a694120c696aa0be4824281160c7bfffb56 The package hemi-btc-staking-actions was found to contain malicious code. Source: ghsa-malware...
Malicious code in h-jsencrypt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb69a1fb2f3c3ef16b7e30994095eb335b41563a498523667d83d60ed0c56c60 The package h-jsencrypt was found to contain malicious code. Source: ghsa-malware a2cacebaa99bf1715c395ba91c26e95c4ce77af5a16cbbcc4e5041c2a47b4143 An...
Malicious code in @acqui-calm-library/acqui-hero-carousel-section (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45f704f47a1967aa0078611eb8d426733e5bc5d4a5146a61261b55b823d9357e The package @acqui-calm-library/acqui-hero-carousel-section was found to contain malicious code...
Malicious code in @transaction-list/transaction-list-xs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6a746b479fa4f5cf9daa56d99d4e405c183bae19f055d207078d1c166d76173 The package @transaction-list/transaction-list-xs was found to contain malicious code...
Malicious code in uuu8lgd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1048ec8371fbc694883c71f227674b6b7ba3dcf534b1ed096ce4342a6e129920 The package uuu8lgd was found to contain malicious code. Source: ossf-package-analysis 07f7eda587433e48aed22a16c8f76973b55a61815311f38620239874795203...
Malicious code in @corp-front/corporate-filter-company-select (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3aaa588b7207d5174a115bb4b75335970dd288419043e978ffc3dc455f8608c5 The package @corp-front/corporate-filter-company-select was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in csv-parsing-xx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfe9a306ce309515a134b6348aff27991f8725d7925ee31b1c51281c9d4a5bc8 The package csv-parsing-xx was found to contain malicious code. Source: ghsa-malware 3e16868b929858d45e76857e9157eae0e3631ca0e2e5988e69c6f537d0ad1a04...
Malicious code in tv-admin-commons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23c0b8199883c9cf5ea055f98b5f90f8cfb349eceba1b6c4026ef3b94c96872b The package tv-admin-commons was found to contain malicious code. Source: ghsa-malware 0b766afca3bfb069abd800cf6cb59759fc8555cdeb01e8d8e0576d5adaf720...
Malicious code in lumo-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab5d24591ceb311425ae395bd2b1bf7f82818bd6c7946d669a19c619462fd755 The package lumo-api-client was found to contain malicious code. Source: ghsa-malware da916419989a0707bcaa3fc59ba24e3ef90e2ec5df35aa6cc1e81f8d3cb82c6...
Malicious code in dotenv-expanded (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9e36cd005779e12b645b7ec5f6e65df1edae7c6d86736507cd1feacec1ef7cf The package dotenv-expanded was found to contain malicious code. Source: ghsa-malware 8c545865cdbec4a05b0f51103dd3560d60c3f43b818465e4a935a47bf84078d...
Malicious code in weaviate-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c229f83d7066881287b7035e8e71dc5ed74531480ab19cbf47ebd72990bc1525 The package weaviate-js was found to contain malicious code. Source: ghsa-malware bb063c82675f5933564b46d7e49a2c2a7aac395d9a399b1264e3de0aafb29905 An...
Malicious code in clerk-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 380b4e8d88a5d8a96ffe344566787326dbace52224d29a853cd4553fac40bd1c The package clerk-js was found to contain malicious code. Source: ghsa-malware 2433ecd39bbf328a21740fa34f33bb09d575e76f6f280b915c7ea15fbc55c2b3 Any...
Malicious code in victim-package-b (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 152e8188fd82f0ea4ee410d725bb96ab33af5767241fcefb555ef8dfaffd39bf The package victim-package-b was found to contain malicious code. Source: ghsa-malware 324aadc54f696916c968e82f4704d088384eab1ce76c08f2a3d3d0aa59fece...
Malicious code in react-server-dom-unbundled (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a00ece23d0316d703248d00b48a8a29b2ed829ae8e1bce8f1bfd6a404820b21 The package react-server-dom-unbundled was found to contain malicious code. Source: ghsa-malware...
Malicious code in ofjaaah-auth-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 680db6543dbee7ec4f8cfe557fc5c76a13bb684b7faeec4e6e2582c0d89ecdf7 The package ofjaaah-auth-module was found to contain malicious code. Source: ghsa-malware...
Malicious code in chai-as-executed (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39509cc9cca91e97ff74a0dbb0eb902c89e3736a5b96e6412d9334c70b1c315f The package chai-as-executed was found to contain malicious code. Source: ghsa-malware 29af27b0f184fca142866657489c6ea7170b3774985d5293e7136f1ae4f623...
Malicious code in zod-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8d6e0134575d22df9c8acb633e41aeb44e167203581cee75c81264667e9bdee The package zod-js was found to contain malicious code. Source: ghsa-malware df349fd5990c0cb74fcaa574f32fd30796c00bbe619ee60bd0eac1a658c7dd49 Any...
Malicious code in cyrpto (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88df3de403df4549d6cae9b1d508f683da4ed91d472a6020a40a3dbd6d5930fc The package cyrpto was found to contain malicious code. Source: ghsa-malware 1e003c50bdddfa1368c5ed0e356acfab8b21a0d410f1d181471b88221a590cd9 Any...
Malicious code in @riag-libs/pattern-library-react-hooks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64366b918bd4380cf8b087a445df7d86ef18b21686c577a9ed7bdd523aceac64 The package @riag-libs/pattern-library-react-hooks was found to contain malicious code. Source: ghsa-malware...
Malicious code in lusha-integrations-widgets (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34c074752069ec179f6a9024d48a4edfb67538c8a3b7d1dfc9959e6b61d9b27f The package lusha-integrations-widgets was found to contain malicious code. Source: ghsa-malware...
Malicious code in sd-pdc-module-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bed2d91fb4db4325ed4d7b78f02cb681cc3ce2a9b5de740755a4fb868780d75f The package sd-pdc-module-client was found to contain malicious code. Source: ghsa-malware...
Malicious code in vue_frontend_rpc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37b3b39f0c20a8dd65bccdba671ecc5761e03146f454226847e982c424b8c25b The package vuefrontendrpc was found to contain malicious code. Source: ghsa-malware 30e31020ae5911a45b568d33238a4785bb2149dc1a8b474ac220aacb60546551...
Malicious code in @spx-smartsorting/vue (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c0f383e5f85168809feb97c29b3dfbd12d807bcf0de67ae579f0dcc606889cc The package @spx-smartsorting/vue was found to contain malicious code. Source: ghsa-malware...
Malicious code in chakra-ui-2--styled-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c8febe083a3c8d9449ea02eb0ab1ab112c8ea582743da6ce1f0ee9f0cb9d4d5 The package chakra-ui-2--styled-system was found to contain malicious code. Source: ghsa-malware...
Malicious code in haqawi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6c55dd7769c6bf39fd838af80c68669f79339abce1333cd421d9477144d7fde4 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
Malicious code in @flipster/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7959db4a5848d904daa027ec759ca4588e6c033f1df17a82686a3d28d2dd2e9f The package @flipster/utils was found to contain malicious code. Source: ghsa-malware 0490c6f411da9b1fa5efbfd1cad8e7b41ec915751813279fb2a89a0f5e96752...
Malicious code in cnamts-captcha-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f061900c13c9363e97f1336b62c6c9efff79aefdae954a4d6183900bf71f69c The package cnamts-captcha-component was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-hook-form-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10977fa5366d3d6e71079dade6da0fd8f346f3ce1d9d769f9664a89bdc7d4fe2 The package react-hook-form-js was found to contain malicious code. Source: ghsa-malware...
Malicious code in rxjs-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a82756fe99cd57d9fc69d12a33d81146a6d0c78b3afa5926fa2531e1b3ced4eb The package rxjs-js was found to contain malicious code. Source: ghsa-malware b3538568871fe17ed55bb2e7a707cf1ca517f047348a754b2be9ec8798ab2997 Any...
Malicious code in libc-dev (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cb6d8dc8c1dde2d0e31a36f23ab7fbd5931d00834eef4d6ee225cada5edbb44c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in vet-bones (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3ce97e3af4cf9c82b0a51f4b693273ac59c6b1357b445b5613fbdcf7edec9a9 The package vet-bones was found to contain malicious code. Source: ghsa-malware 963e426141db06e18a04d497aed8ab05c8c6acfc76e6570d7c4a0bd2d81d7658 Any...
Malicious code in n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 153a9330a9d7d9400ff4dd8525ff7d5069ca8ead835562e7ffe0bc16a4c9b22b The package n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl was found to contain malicious code. Source: ghsa-malware...
Malicious code in smintio-portals-component-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1ac8dad03743200fb36bb249f7d2292a267daaffb767a56e0c0e6634dc71afe The package smintio-portals-component-sdk was found to contain malicious code. Source: ghsa-malware...
Malicious code in darknet-dispatches-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56bca60f1c0743747f152e1bb34d4c1242fc24bc3500bbc44d7dc2c5235e06e1 The package darknet-dispatches-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in sparkling-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49e0e650696ea120abbbc0a198865731fbeea781cc9ee947bd39c8f7d76c4eab The package sparkling-cli was found to contain malicious code. Source: ghsa-malware 6185870baa4e15b65e8df51e713dcb6e3e54d79fd00389cfa0f86421cef94f6e...
Malicious code in rt-long-form-content (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7aafc418ec6a49447f89597e76416b14a45ffa82d65fb393dc3bb91d1fca38ac The package rt-long-form-content was found to contain malicious code. Source: ghsa-malware...
Malicious code in tailwind-autoanimation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 239c7b556685c76e1b25bf8ec701e0688ec975920ddc409d56365b6c38b30edc The package tailwind-autoanimation was found to contain malicious code. Source: ghsa-malware...
Malicious code in syqara (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62fd7bca2ef5e78bc040138dfaac5d1c63a4efb820747b58406db43b6965a681 The package syqara was found to contain malicious code. Source: ghsa-malware 247c2c1d35e2e74ea2a025de37858894366c24053f4ff7517f2204ded2b20344 Any...
Malicious code in shopify-perf-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b8ab5bcfbfadc319f33cd1364bdbef1f7517fe3c502f9617bc77391014296a2 The package shopify-perf-kit was found to contain malicious code. Source: ghsa-malware b815f7df6ccc90c9082b80e772505706c55a58e7e187d18b01ff56e6524e57...
Malicious code in open-telemetry-mini-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81ad802a8e687f98fad0939faad9c0b5d2031689d0326e21e70785eade52bf15 The package open-telemetry-mini-client was found to contain malicious code. Source: ghsa-malware...
Malicious code in oj-sp-messages-banner (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2997bc3258b7333abbb7c3aa047917498aee227c667e865c51102062bc82916e The package oj-sp-messages-banner was found to contain malicious code. Source: ghsa-malware...
Malicious code in lium-4-96 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f30524e8a9ff2b7c5b43b57ea582beeba9d8f94da4097ecd572d26b4177e6626 This is a typosquatting/dependency confusion package that is part of a campaign embedding malicious code but was found before the malicious code was injected...
Malicious code in ent-file-upload-widget-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3fa37bcf44d315b1004c09b9e7c5d2089e62db393cec4a977fed97b12e3432b The package ent-file-upload-widget-v2 was found to contain malicious code. Source: ghsa-malware...
Malicious code in queryservice-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 92aafbccc7065760e0127931c5150c59561f3b753ab9fe79dbcbdafd1aef97dc Dependency confusion PoC that exfiltrates also potentially sensitive environment variables --- Category: MALICIOUS - The campaign has clearly malicious intent,...
Malicious code in @vietmoney/react-big-calendar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b38aebebed4a38e2464d8abb76fbda4a16d4cf03b372124ec3d069c63f6e79f2 The package @vietmoney/react-big-calendar was found to contain malicious code. Source: ghsa-malware...
Malicious code in awsutil (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 86d4af9fafbcfb6e3789a38b426c744e4ac67da10eb1fa225be3a715189fb1c2 Dependency confusion research package with advanced module-mocking --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also...
Malicious code in backstage-plugin-glean (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 824531546cd7527be37fc4aa5ca2020424a1ecf090eaba3a8974105871c0931f The package backstage-plugin-glean was found to contain malicious code. Source: ghsa-malware...