226481 matches found
Malicious code in @sbseg-plugin/qbo-web-app-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8f63d78f9aa713d6b2f068258ae34a81a6c8cfaa91890865506ce11475a44d5 The package @sbseg-plugin/qbo-web-app-ui was found to contain malicious code. Source: ghsa-malware...
Malicious code in adminbypasser (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 867991d0e6c74f15c2f231c002867172a4e03044a328676cf9b2ec07a7e48f68 Package silently downloads remote code and adds its execution to the autostart. During analysis, the remote domain no longer existed. --- Category: MALICIOUS -...
Malicious code in internallib_v157 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d07f4a0d2270cdcb827bb50e9f546d7c4ab3b07ede66343b90478831a731b83 The package internallibv157 was found to contain malicious code. Source: ghsa-malware 2a4eddb6af3191b7183a9223407a3a1b9fb4e1b4e96da5ee15af1ae2f0515ac...
Malicious code in log-symbols_updated (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92d79723570a5dc0d85c63b9ed1ab129a1be11ac69a75c1d2bd8c5cdcc12f6d3 The package log-symbolsupdated was found to contain malicious code. Source: ghsa-malware...
Malicious code in js-unpack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector baae4c9e1fb444bb1fc5b81f94160a8301839d4ce71d2cb92b50b06037018c73 The package js-unpack was found to contain malicious code. Source: ghsa-malware 5d6859e5b9008340bf7f7c4d7128416913b37bf079c0b1657f6e9857b6b9f0db Any...
Malicious code in tableapys (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2aff2faef3705b6233a6df3d6b39f4f9b88ff522aa7c343cd8d36eb1a40405d6 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
Malicious code in tarax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38b8d2d32117867326488c0c11c3433f88d30b084b30dd132f3b7a9c40c5eef4 The package tarax was found to contain malicious code. Source: ghsa-malware 2f70e23fbb33630933dc47a10dfd81d1e652f73e3ed7afe4aaee5ffc2b65afa7 Any...
Malicious code in kwp-analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff8db163baaddfa00a5ad4be917d7b8147bbc3b1b0807694614ab14ebac6c431 The package kwp-analytics was found to contain malicious code. Source: ghsa-malware 57994b2b00321595177d73893abdd66ed3fdbe0f5ff0a7565c59efb6126d9e7a...
Malicious code in yazxzpedia (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f94694d3882914e6f75cc35db5533b7d7c4d9caebb2631033de332d3c49e562 The package yazxzpedia was found to contain malicious code. Source: ghsa-malware e97d515edc36ba99b0d5fa4cc5cd35798ff96229f05a9f93ba6dbef0631f1ac0 Any...
Malicious code in solhint-plugin-hyperlane (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc1aa9de63bf20821ba2b8081862d56bf4238d4d5138cdfae10fa1d260ee9b57 The package solhint-plugin-hyperlane was found to contain malicious code. Source: ghsa-malware...
Malicious code in ezviz-shop-mall (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e8fa924e1aabab970bfb7f4b014f4f210acc59d591128c45fb41c33e1e8f8c3 The package ezviz-shop-mall was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in userver-requires-at-least-python-3-10 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 482925eb73388f3c834ceef6db5714f819970521367f7129878e38afbaa08bf0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in mcp-pdftool-plus (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2e92dea8be02288f271dacad2cd77f1bdd54596da1691cb738c4a7b7b4f77d21 When using the library, the hidden code starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign...
Malicious code in jwt-pack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4102b59becb214e216d479ce014231e41dd264560b48ef7750c7006a3c86e7d6 The package jwt-pack was found to contain malicious code. Source: ghsa-malware c16aba10441aad949bd96fd2a349f2f59d62bf56708394fd925b432c57e2c91b Any...
Malicious code in morty-package (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d87e4d2c5f3096d67a98e166e70ed6d4288c7d7554852e8d14bb60213f9a574b Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...
Malicious code in chai-as-hashed (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f41b3bfa5c5bc9d3d747e0e36e6ac8139a2735004b33987b7c3706562f0a0246 The package chai-as-hashed was found to contain malicious code. Source: ghsa-malware 0f0e1b090cb9db7ad2687185748d227939549417c35f6cf08d5ec1e7c001b37b...
Malicious code in converse-rn-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5d76925473e0e05137943f3ba72835d43a14fecbcd07a36ff4f8b362342a303 The package converse-rn-lib was found to contain malicious code. Source: ghsa-malware 2d5c359e434d151a2156ad29e2d3b287cd665dd67ede66ac8c32a968f2ebaef...
Malicious code in ern-picking2-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cdd28d37200aac1cd5fc446acddca1c77227c48fbccf070f31a765422439184 The package ern-picking2-api was found to contain malicious code. Source: ghsa-malware 6d206018d9dd4cfb8e95bc0197ea0db4d442ee3b16f5209a2b452bc203dc8d...
Malicious code in morgan.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34775085e6638773de4ccac41092ae9954c9889f2c2a7bcd7cb7909375b53c4c The package morgan.js was found to contain malicious code. Source: ghsa-malware 6d6ee3da39907b410bc3a7d0baf6736a9c9c2f1c770a6e749c5ad2119c848d9f Any...
Malicious code in mysql2.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf03a68f80a8549d53b74c88dcddc103e1ba4941db706b05958b5a8afd7912b9 The package mysql2.js was found to contain malicious code. Source: ghsa-malware a62950456c9e80360128c446e77395618e0567734ef79c8d93f73aa0c1c45115 Any...
Malicious code in tripica-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2094e4c510f7d9f01acaf3dcdb4e2fda46afbe56f235d8168d81bcb984e52fc3 The package tripica-library was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in system-integration-toxi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 096a1a342309a85666ad92b45da1da18ca808e16c93819a3122b2c6bbc2a15d6 During importing the module, code downloads and executes a remote script. During the analysis of this package, the code was a placeholder, but the package is...
Malicious code in zabittest11 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08a0084877b46812f2b43eaa232ecb1768d4b4415111ee65c741f2cc7acfa784 The package zabittest11 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in instascan-pro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 94d76fe0beb67ab3d875d659dac44b4650be6b8f5bbb4b43635c0fc2fa7b4af9 The package contains a module prepared to collect and exfiltrate user's files. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in overstock-jenkins (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da8c5441a7b9b1ad7193650b05275dc85626691e1fa1f04bb0f21783fa75673c The package overstock-jenkins was found to contain malicious code. Source: ghsa-malware...
Malicious code in h-jsencrypt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb69a1fb2f3c3ef16b7e30994095eb335b41563a498523667d83d60ed0c56c60 The package h-jsencrypt was found to contain malicious code. Source: ghsa-malware a2cacebaa99bf1715c395ba91c26e95c4ce77af5a16cbbcc4e5041c2a47b4143 An...
Malicious code in eits (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eec23b0de809cd836bbc3b47232454674773608dd4429cb3ecd6a45fb5d9c2ee The package eits was found to contain malicious code. Source: ghsa-malware c01b198ab80fdc36e1397f6938db086271de12c3a19de4744858614f97742a6a Any...
Malicious code in oxnoxon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07667b579e49b5aa7dcc235c9e846cb1ea838af728878c44548d30a94b136dd3 The package oxnoxon was found to contain malicious code. Source: ghsa-malware dfafb8b040b2477ed33376b3c89b6854913025495027f4d32d6d8cd675ee84ec Any...
Malicious code in tableates (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c69d9a3e244227f4e4146b60829ead907656c47989b3b83e1e5f56a2c06064ff Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
Malicious code in integromat-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7de4e86762c4fcb7682615925818028501cfb55cdd9fdeaf238f2e186b1f121e The package integromat-ui was found to contain malicious code...
Malicious code in public-site-boostmoney-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7643372e3a22915c9385625b458ae16e2bb250b4b55e281371dc61644125e00 The package public-site-boostmoney-ui was found to contain malicious code...
Malicious code in uuu8lgd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1048ec8371fbc694883c71f227674b6b7ba3dcf534b1ed096ce4342a6e129920 The package uuu8lgd was found to contain malicious code. Source: ossf-package-analysis 07f7eda587433e48aed22a16c8f76973b55a61815311f38620239874795203...
Malicious code in tv-admin-commons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23c0b8199883c9cf5ea055f98b5f90f8cfb349eceba1b6c4026ef3b94c96872b The package tv-admin-commons was found to contain malicious code. Source: ghsa-malware 0b766afca3bfb069abd800cf6cb59759fc8555cdeb01e8d8e0576d5adaf720...
Malicious code in nanoid-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fad39f50bf85a03002a528aac3cf53797c47e72d196c7e0f9b92623e03088abf The package nanoid-js was found to contain malicious code. Source: ghsa-malware b20b5d4f24d425723aaaf45603909066d5983fe5341afba20f47d091f7ac0933 Any...
Malicious code in aws-crt-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82067e17b63298c1e09a6b616010b7a8ebf7f607510795f98428f8e5305994ab The package aws-crt-nodejs was found to contain malicious code. Source: ghsa-malware 40ddba391f5ca6a4fa75fe5e5440dfd1f57833b391d8db3c2e5918aef284a294...
Malicious code in react-native-webview-forked (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48574c96ad66df5527d36dccb8f8c425b244bb90c2ac49491618968865ccd7da The package react-native-webview-forked was found to contain malicious code. Source: ghsa-malware...
Malicious code in @cda-apps/source (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b5806c1f8be7708beab46a8c3d8c222da577363ce72533ed3fb40aadd28a7c2 The package @cda-apps/source was found to contain malicious code. Source: ghsa-malware 356aaa5e677bd040b40c0cec9325f05ae0c9e0e05c364bc0db6ba9837d4607...
Malicious code in zod-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8d6e0134575d22df9c8acb633e41aeb44e167203581cee75c81264667e9bdee The package zod-js was found to contain malicious code. Source: ghsa-malware df349fd5990c0cb74fcaa574f32fd30796c00bbe619ee60bd0eac1a658c7dd49 Any...
Malicious code in tronweb-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d60b4098130965b3c2a5c2db0b1ce1c0f4cbde94f9719e9f12b3b90c982478f The package tronweb-tool was found to contain malicious code. Source: ghsa-malware 6592f1600a6d596ff1db03a849560d8a3ccd1643ad249a7bb5a46bac048e2748 A...
Malicious code in @spx-workforceops/shared-vue (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4e3a2bf3fdf03e628dd6981636169c3053e7aa01b62d709e07a1e13184f0b93 The package @spx-workforceops/shared-vue was found to contain malicious code. Source: ghsa-malware...
Malicious code in @spx-delivery/react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b03f32e2859ef16f71897fc985589e436c704979df087b57bb61fedb63e89c51 The package @spx-delivery/react was found to contain malicious code. Source: ghsa-malware...
Malicious code in @flipster/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7959db4a5848d904daa027ec759ca4588e6c033f1df17a82686a3d28d2dd2e9f The package @flipster/utils was found to contain malicious code. Source: ghsa-malware 0490c6f411da9b1fa5efbfd1cad8e7b41ec915751813279fb2a89a0f5e96752...
Malicious code in helium-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 643f63c743fd06fb24cb2d488e001ce0efab3f0d82014801ea2eebad96041692 The package helium-module was found to contain malicious code. Source: ghsa-malware d34558c0d1e56c0103ad087e485e142f3918050a1b0bdc15fc7e7b46c1a2ae1f...
Malicious code in extended-path (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1daed3089b5ef77daaeecaac9fe17f36363fd47d3dbe2814f5902c7ec3e61a74 The package extended-path was found to contain malicious code. Source: ghsa-malware 69c860714616f6ecc1c5b9d066780ece372fd1346ffce61438ecc12c9a98b30b...
Malicious code in tailwindcss-animate-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 150bc7ffcbd255578f8dc6e8ce8781a01e97dcdc6a57436976f6b08beb371807 The package tailwindcss-animate-tool was found to contain malicious code. Source: ghsa-malware...
Malicious code in framer-motion-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67e5cb35fb0103b934b0b73f1556a3b5a7b83ecb9cd1c627b4c44d4a35d658f3 The package framer-motion-js was found to contain malicious code. Source: ghsa-malware 3ef4e281f7e4f36adf0bb94b56ac5c7c3d34d58b634939eb1cab10906136e9...
Malicious code in n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 153a9330a9d7d9400ff4dd8525ff7d5069ca8ead835562e7ffe0bc16a4c9b22b The package n8n-nodes-ggdv-hdfvcnnje-uyrokvbkl was found to contain malicious code. Source: ghsa-malware...
Malicious code in @kyriba/mf-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa1b2dd3479a677d975d11f8fe29e2cb24cbcc3a90c05081fa1632822c7c2f5a The package @kyriba/mf-kit was found to contain malicious code. Source: ghsa-malware 5316d385b586e69d62f54165ad5c9a973bf0bdfc3ef7023a0f7f53c784bb7131...
Malicious code in btcli-security (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a4b868f818b1a81f5fccee1967f70c3ff9d75c218d14ec09882c576a9c2c213e Package clones a legitimate bittensor-cli library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious...
Malicious code in syqara (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62fd7bca2ef5e78bc040138dfaac5d1c63a4efb820747b58406db43b6965a681 The package syqara was found to contain malicious code. Source: ghsa-malware 247c2c1d35e2e74ea2a025de37858894366c24053f4ff7517f2204ded2b20344 Any...