Malicious code in agent-framework-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc8c54e8fb3b687786f6141ea8ea92fa6eeb60de018eb8543a325bac6eed1f67 The package agent-framework-web was found to contain malicious code...

Malicious code in @3stripes/config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fea72a3f12c815ec03d587d20386eb4726c301d381fa23d720c25dc903bdcb4 The package @3stripes/config was found to contain malicious code...

Malicious code in trackora-node (npm)

trackora-node is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-adapter (npm)

chai-as-adapter is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-mobj (npm)

chai-as-mobj is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/31bccfbf4ee2732207a4 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in vs-supplier-portal-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd4ce50d0cee946b14aa2dee0c469a73331ff0c63bc65b134b3b50edb5d43c54 The package vs-supplier-portal-web was found to contain malicious code. Source: ghsa-malware...

Malicious code in @pnc-ref/harmony-core-v18 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9af3593ce67756288a2b5c3d0b337f86b5dc510085895bc2d8f76629a79a350 The package @pnc-ref/harmony-core-v18 was found to contain malicious code. Source: ghsa-malware...

Malicious code in @jesusvizcaino2021/com.baogong.app-push-permission (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 457170b51d87c7f84644a72a71a9979508a99061e7e8fdee3aa8c2e170493b12 The package @jesusvizcaino2021/com.baogong.app-push-permission was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in ckeditor5-minimap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f65f71fdee0224ec38d03c631d1df1a8454347b6d82cfda912b11d387052898c The package ckeditor5-minimap was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in tether-wrk-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e816f71a9a4581a5adacb19f57871ba8a9118bb980fbcb97c74d6b601a7e517f The package tether-wrk-base was found to contain malicious code. Source: ghsa-malware dd91537dad139a68aee6f4c63c4f9afb6bd315f2d76ee0e8e998dde7a421ef4...

Malicious code in @automation-toolchain/f5-cloud-libs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bfc189949f1db0cdc70361f74210d6fe3f92c3e69ddad9491d9c7615465f9c6 The package @automation-toolchain/f5-cloud-libs was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in vip-landing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1a30b342d6480583e23a375439f7332f03167d039b9b5471fa038d2374438fc The package vip-landing was found to contain malicious code. Source: ghsa-malware 63f1dbbecde9c755138a598580ab543e38ddcd44460ce05ec9532e8475bfc2a2 An...

Malicious code in walmart-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4cb99836d95f651dcdf50a02819e299598fbb9e62a702601ce6fa89c3ed6ec0 The package walmart-internal was found to contain malicious code. Source: ghsa-malware 88f5dbf5cfe998f7ad3015cadd6b280accbeb5aadf15cdc7575f4f83a6f572...

Malicious code in @spoonflower/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e29845a092ba3a019d35adbb88e7fb15512c600cb11fceab06cb845fca75dbd2 The package @spoonflower/ui was found to contain malicious code. Source: ghsa-malware 68f97ac64dba33bf11aa1a9ae810a78f7fb21470e2ccce80e8975cc56d012a7...

Malicious code in @spreadjs/js-calc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7909a65c6a2c928f12a2333a6e1c53c7dea90685fe7b2be35f120654a6f86d7 The package @spreadjs/js-calc was found to contain malicious code. Source: ghsa-malware...

Malicious code in @aircall-ecosystem/integrations-msteams-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4343cd15bb1d3104166b2ddf4f549bc184fde49233b5cfba97f353f00a8c2a2e The package @aircall-ecosystem/integrations-msteams-frontend was found to contain malicious code. Source: ghsa-malware...

Malicious code in @cash-web/no-hardcoded-font-styles (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de4c59cdf3bb5203f5c7721d9180aa09a481a9dd1a6f6aaaf9ca43db40f07287 The package @cash-web/no-hardcoded-font-styles was found to contain malicious code. Source: ghsa-malware...

Malicious code in @b2b-portal/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a28e67919e3dfef2a8a434caec109791355b6f43d434d22bd9515f348a692c5e The package @b2b-portal/core was found to contain malicious code. Source: ghsa-malware 7a10dd57d5e27c26f36c8207faa6449838827281be33c9ecc99e025cfdea19...

Malicious code in arlo-meeting-assistant-rtms (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f5f17c482aef8ac270cf630fe452dacc79acbeb0b473ffd0ac640769e1a0fb6 The package arlo-meeting-assistant-rtms was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in arlo-meeting-assistant-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f86efb0af8fce5d8b08964a6f53fed7c81bf67b9072c61b3f103118cb382161 The package arlo-meeting-assistant-frontend was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in arlo-meeting-assistant-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 842ae675e3d076ecc89e2697ee378f503945bae268487584277cd92a93ec44fe The package arlo-meeting-assistant-backend was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in strapi-plugin-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 322f1a7c9723db125a9be39dcb3f897ca2f65146b7b71874bb3ec26a4825d521 The package strapi-plugin-cache was found to contain malicious code. Source: ghsa-malware...

Malicious code in totally-safe-util (npm)

Multiple suspicious behaviors: postinstall script, hex obfuscation, OS command execution to open a Rickroll, and attempt to hide execution. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d45a8a1395a8ff66e2ea74cacd9d8de0ebaa9e88e0170a6907b3e4861a2acc5 The packa...

Malicious code in @not-nemo/crypto-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f3d07c3fa41dbb4ad057bb2b346b271dcbef43545376e8a8ad252d64abd7e25 The package @not-nemo/crypto-tracker was found to contain malicious code. Source: ghsa-malware...

Malicious code in strapi-plugin-debug-tools (npm)

strapi-plugin-debug-tools is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network...

Malicious code in strapi-plugin-cron (npm)

strapi-plugin-cron is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology. I...

Malicious code in expeewas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcb3aafc860058ba4e9a64c6fa7dba85b7df72d68971ef7c673245e4ac02820f The package expeewas was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in exaprse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6cac7f3a62099b4980a3948c78a3a231085dece3eac1d5ca3aa0bc3b0d102e5 The package exaprse was found to contain malicious code. Source: ossf-package-analysis e6b772ab3336f1923332b7f4042b5daa8ea5fdef08b605e35f6410c40f6a25...

Malicious code in partner-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf0b992863c06f797a9dddef6a493b0391094c9a2ae31fec47e961dd1afdf562 The package partner-tracker was found to contain malicious code. Source: ghsa-malware cfd28d767cd7e0db43c5c52d0b219663552acd6a5f60a34795736624c5cb612...

Malicious code in bs58-basic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56502a3bb31374f7cf0d79d8abc98ccac595ca94fe2b9720daeeb9217901c9e0 The package bs58-basic was found to contain malicious code. Source: ghsa-malware 5101b36fd690268aa870c7d458d29e404540f3d3cc29dd19404137ca9f618f56 Any...

Malicious code in ethersproject-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b1c992cfad672d784afa83763c813b657de3834631b9dd92b6aaa7237e87440 The package ethersproject-wallet was found to contain malicious code. Source: ghsa-malware...

Malicious code in spanner-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 659a15d63f794432104121cf729687768f76fa3dadd0b4ae9d8c9327021122af Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in prodaccess (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 71f3b91c61448eb2dee3cfb46f56b4e38dab0202af78c52163d5b6ab98e85c2d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in eslint-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bd32859b79bc7696823cfd3fb1a51a5036a19dd9e92b88f4c3cbc2d06fca8a9 The package eslint-validator was found to contain malicious code. Source: ghsa-malware b74db6c61aeb8e5a3729f1f8e311559e5203aab14dd2c8ec8c87ccb868a1ff...

Malicious code in dgxeon-soket-buttonx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a92a6c68bc523541697f8bb80096a0b9425efac6c8413c08e4dea82afad4e4a The package dgxeon-soket-buttonx was found to contain malicious code. Source: ghsa-malware...

Malicious code in somepentest-test-package (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 182c836a44b13e44121972147eb66dc5d5a419513811927d1a3c7ca39be6fa4d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in aquasecurityofficial.trivy-vulnerability-scanner (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security b6cab1dae06f51e2aaa57704d8374b6882440070d0796e7b719a85e6f803888b This extension is a compromised version of the offical Trivy VSCode extension available on the Microsoft Marketplace. Versions 1.8.11 and...

Malicious code in @emilgroup/numbergenerator-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb683bd2b58170dd475a632d83ded202109e3d58609bbc2952c83baa19c6f3b3 The package @emilgroup/numbergenerator-sdk-node was found to contain malicious code. Source: google-open-source-security...

Malicious code in @opengov/qa-record-types-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0be39ed161d642824f2ce1f8511e03759918909ba0218265174294129a172d01 The package @opengov/qa-record-types-api was found to contain malicious code. Source: google-open-source-security...

Malicious code in @opengov/form-renderer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6c8cb05cb54fe0f2f81f0c9a5ff43f2c4a45ab0fa31bcc1d1cade080e731c3d The package @opengov/form-renderer was found to contain malicious code. Source: ghsa-malware...

Malicious code in @sixcore/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1286e85f8b045ceb430500873b6a172bc5bef2193da8d53ec25183e7a4984cd8 The package @sixcore/baileys was found to contain malicious code. Source: ghsa-malware 4d631c0d901cd4ee9e33f1b24f2a7e067cb4369c7813ce8d46e7e7f0e2217a...

Malicious code in super-alias (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10ee12ec5ce74c0899ed60e17d1baf7095efc7ab305e51d4fcf20db72306621f The package super-alias was found to contain malicious code. Source: ghsa-malware 2c8c29e0ebca0170c77383154e5c6f2fe5280412fea18d255b496b94ae0aac5f An...

Malicious code in changelog-utils-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bec9a644e6b7c6be0e1e95ad8690cf8c19568061865f8e185552431e09fbb38c The package changelog-utils-wrapper was found to contain malicious code. Source: ghsa-malware...

Malicious code in simple-util-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4e97df136a9f8721793e4556b53f908cb10a6df1b2febf5edd3d9d8ef7ab2c7 The package simple-util-kit was found to contain malicious code. Source: ghsa-malware ade2d906419f8d8a97dff43ed8530e27612faa88503c6696838b30f201d5e6c...

Malicious code in globally (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1f2d16dd9f9dc8f8c54504946e96b931fab9f6c893012e17b0c03dd531c49f5b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in aristanetworks (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 734e78214abbde694d6041663ec7e34bb9f31c9265856540de7a1c0a8ffe5e33 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in python-glue (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 df7fb99f81d8afd1a93e643a95ebb6d2a873e73b15ae8c6fada22746ccf7037f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in @shennmine/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04f4d27219071c7adbcedd56c54f0ca559b3d3651e6203b38d5170bb0e239f66 The package @shennmine/libsignal-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @rexxtheproject/elaina-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35f9ef0d26d553f66ecfe3fb2813906a4a457ec3918fb5c0508441f3e13d3fa4 The package @rexxtheproject/elaina-baileys was found to contain malicious code. Source: ghsa-malware...

Malicious code in @eric-orderbuddyinfo/react-noval (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae5f280b7537acc7eb9e1d8c12acdd2142bb02e391be55b2157ed90eb2044d06 The package @eric-orderbuddyinfo/react-noval was found to contain malicious code. Source: ghsa-malware...