225920 matches found
Malicious code in alf-ui-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e921c338478d9d9b6dd8bcf6413b03594cac2e53ac71b26a059488ee0833a9d8 The package alf-ui-js was found to contain malicious code. Source: ghsa-malware 32056719006c9565534074da200f7147ab2f96db963b372e3cf8e1e362d20ea3 Any...
Malicious code in chakra-ui-2--react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05221f163f14d551b861ff7d6ac6ea0d6c946d288b5d74ef14de5e10f6d6b43d The package chakra-ui-2--react was found to contain malicious code. Source: ghsa-malware...
Malicious code in cognito-auth-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9a30b64637eafca16b5e2eba32def6f026de37b2e2085a66aa627c5bfe9403d The package cognito-auth-plugin was found to contain malicious code. Source: ghsa-malware...
Malicious code in omnicore-ds2-sdk2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26e1c62468ce0da7fc1beb34de16d8faa8633411ce4217f2d4e6b6bf3fc92a53 The package omnicore-ds2-sdk2 was found to contain malicious code...
Malicious code in insightvm-ui-nav-menus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f24e901eb03445094160df9df30313f817015ba26cdd09e82d4f527261acda35 The package insightvm-ui-nav-menus was found to contain malicious code. Source: ghsa-malware...
Malicious code in transitive-req (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d7b45680b49152176403af486a0af997c20d1eaa8179a69b8e5c3ee65a41e35a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in formater (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 71f6a751b5ff98dceeee5863086a2d9988640b93d96ccef9d50fb0d0d1dd116c During importing the package automatically downloads a script that uses a Telegram bot to perform remote control over the computer --- Category: MALICIOUS - Th...
Malicious code in graponater (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9bbd986bf5883f6b5b40a7061c514b13f71a27c021471595671d060b260affc3 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
Malicious code in cors-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 718e28ab42e6dd02cb599b331659e8f24be94c7d3b4e2dc859f1e09c34b7a822 The package cors-base was found to contain malicious code. Source: ghsa-malware 672c2f33d6521094e055da17d375ba21b3d35b58cd67db660f502e8f0512684d Any...
Malicious code in simple-string-utils3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13d9f9db863d718f528caa234dfa722b2631eb76195f504f47670898aeb0634a The package simple-string-utils3 was found to contain malicious code. Source: ghsa-malware...
Malicious code in inquirer-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 477898ce4223aefeb43a52fa776b7236a069b176dff1c3a9cbfbb13ad57d6a59 The package inquirer-js was found to contain malicious code. Source: ghsa-malware 06897ddbb1fc8aa0c06fc7389198f7f96eceefdbbc08ead1032436eb45a0a0c3 An...
Malicious code in auth-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec0897a10b33b937c04d8f134ccac05ecdfd6050bbfaffbb07cd3ade9256bd24 The package auth-types was found to contain malicious code. Source: ghsa-malware 1096a2a969c582b5029b85a0c4eb85eec4d53f96c178a1523abe0978392a139d Any...
Malicious code in @workleap-ai/shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2800f2cfba8ac6e7a16ef977484e4da4d360c859848daedb5220c7d3595653e1 The package @workleap-ai/shared was found to contain malicious code. Source: ghsa-malware...
Malicious code in body-parser-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5d1cf0401e8f508430b1d43b7fd16e5f0d2cf1e17ea7388b651ac0466d141db The package body-parser-js was found to contain malicious code. Source: ghsa-malware 1ce45487b7b908b88575fd497e5e1ee4d106c3e361fc36768c37937d4235ffd1...
Malicious code in n8n-nodes-vbmkajdsa-uehfitvv-ueqjhhhksdlkkmz (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd5b9fc4d665c764917757933148572fd5cfca44be431dd6f84281b068b1ccfc The package n8n-nodes-vbmkajdsa-uehfitvv-ueqjhhhksdlkkmz was found to contain malicious code. Source: ghsa-malware...
Malicious code in yunxohang5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18b8411b8cd6fea01585a7c07048bb6880d2d0fe380b145a797bce43b1e96388 The package yunxohang5 was found to contain malicious code. Source: ghsa-malware bef3f7dd8a9554ed61db94960f012c42f81192bb019b989608cd9db4e50dfb78 Any...
Malicious code in shreddit.styles (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cce1be43bf6e26a99a58a3f011f71a44d06f3227d24bf2274c9f3b41c0fc3de The package shreddit.styles was found to contain malicious code. Source: ghsa-malware 2c65bd95325c1ee64e6f0b45b33b62af1973c49ed5c4eed64c725d08a51201b...
Malicious code in dotenv-intended (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 321eaa257985bd47bbf31b2f7ccdaef2df5b424b7b257400a48140ef6029e670 The package dotenv-intended was found to contain malicious code. Source: ghsa-malware df2195d5589f3e44d82053db7cd9ae186dfd168b35c9db8f97baa29f0c63612...
Malicious code in amdocs-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8a6af3ffb67d97ff5a166cfa06c9dc841eab5d736ffbbdae5f3a693d7845be2 The package amdocs-core was found to contain malicious code. Source: ghsa-malware 19cbd66c5d36a7bcc61d3202596dea181a2782d867db3ea2cbb0e322f01b99db An...
Malicious code in do-not-install-this-package-002 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dc0f1ed2645f37e4b8df59ccca64288a02f6cc07009489c54565dfc5b0089f19 During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...
Malicious code in btcli-security (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a4b868f818b1a81f5fccee1967f70c3ff9d75c218d14ec09882c576a9c2c213e Package clones a legitimate bittensor-cli library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious...
Malicious code in jsonify-setting (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8183b50e15a97c7409271a1f226a25472121ef2ff9abbd954ba9693ba63c6f6e The package jsonify-setting was found to contain malicious code. Source: ghsa-malware d31a9557fd6798ea1a21705b70127ad9840b9f527f34ed29161e68230fd1a86...
Malicious code in hoppscotch-agent (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccc9fa1661ed3de2ac221307d7e5cac1aea785ac1d0e2241ecd0001a05fea796 The package hoppscotch-agent was found to contain malicious code. Source: ghsa-malware 7c2ae92a02c69aaa3b5287d2172d0fbc6f8f1e3ae51c69f76c7a07e4dcc7a1...
Malicious code in svelte-monorepo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 822b182580c298051b9c1f8bb1e807bdb6c780fce64845002feebe37eddd0fad The package svelte-monorepo was found to contain malicious code. Source: ghsa-malware 1f5c5e96c4223fbe3046df01f3cda3aa9b821888050b45d82e92688609a7284...
Malicious code in bnia-work (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f78b12fa102dbd32d8d3a27c016f7b790124a3a73bdf1970768799e120183c30 The package bnia-work was found to contain malicious code. Source: ghsa-malware 2583fa3177342feb8975727c7ad5873d1a1e7bea2ce3ce445343aaa9a0b3459b Any...
Malicious code in npe-toolkit-server-deps (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3eb14324fd68e20b30e8d4ebaa6af41f05a0596dd3e274650d3d75503199426 The package npe-toolkit-server-deps was found to contain malicious code. Source: ghsa-malware...
Malicious code in rt-da-classic-card-collection (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40df14bf87fe4eb4e065fda942f953028db00c5e8148c1c1ccc2f6cf623d3611 The package rt-da-classic-card-collection was found to contain malicious code. Source: ghsa-malware...
Malicious code in rt-live-hero (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b963cc4f9c61717fb440dbd17f3897337fd7aa94a3d077bcd8307c2faf109c57 The package rt-live-hero was found to contain malicious code. Source: ghsa-malware f56b0f0c83fe7af0849099067abaa56333d2eadffeb3f8152244c74b40a706d6 A...
Malicious code in npe-toolkit-faves (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d361a1a46446a6e7317c9f4c3db039746ceea8e599e55c309a86dba366e8ecc6 The package npe-toolkit-faves was found to contain malicious code. Source: ghsa-malware...
Malicious code in hiqomu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f1b14ad8ceaca23c5a536740bb79e0425805fb3df3bd23448dd6cee7af377ad The package hiqomu was found to contain malicious code. Source: ghsa-malware 0bd082bac5a58a31b60a13d745e6ec55d8e49b1e4d5d17c9f3711f28e611f0de Any...
Malicious code in pycolorom (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6babcee81c12759b66be4c0a8ba33c3f0272b052a47fda31227f4a6087ba8e5b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
Malicious code in evm-gateway-contracts-private (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4d7fcec6a0025a21ed0b14bdd643dc22965e7c3ccd6dee0bfa6bf3285b97aac The package evm-gateway-contracts-private was found to contain malicious code. Source: ghsa-malware...
Malicious code in electra-web-player (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e90e20a5f518415d7ac86fad709a8ea6499445e427dab71949d06f62ace2dded The package electra-web-player was found to contain malicious code. Source: ghsa-malware...
Malicious code in okta-loginpage-render (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48116f31c0b827072f94f6157837d2fcb3be3c6a9985584328216403280bd6bb The package okta-loginpage-render was found to contain malicious code. Source: ghsa-malware...
Malicious code in matic-transfer-consumer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2bf4eeb30140d673f8136ab4039e9f3bcc3f3b7d7482e96260a2806bf890eef The package matic-transfer-consumer was found to contain malicious code. Source: ghsa-malware...
Malicious code in polymarket-clob (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e650fcd9e5cec151122c4e59ee9f829a9f8f3afbc998be35354879cd24f5d8bf The package polymarket-clob was found to contain malicious code. Source: ghsa-malware c6f2692198b832546ebc0a47e287ea8e976cbbacae0f1963545cb4610ddd08b...
Malicious code in ethos2.0 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a012a962472733bf307c16dd1dfe1806727190273d53ac57bf4b524a26d34c96 The package ethos2.0 was found to contain malicious code. Source: ghsa-malware b646ddc4b3047452eaaf5304b21effbc2f0dd9800fd136ebfb4d33936f3bd8e6 Any...
Malicious code in eslint-supertest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06b784b251ddb3666b203fa36b7e7cd4e9101ff8c468c9d32423a398f40a6689 The package eslint-supertest was found to contain malicious code. Source: ghsa-malware 01ffd1e84f1255f84c7876957e188eed9ab1dad03915006b9f463510c22590...
Malicious code in redis-cookie-parser (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91375f4f82c5d4299e69cf91489e82b06358bccaa40ec51ab1c19c3e03e3e99a The package redis-cookie-parser was found to contain malicious code. Source: ghsa-malware...
Malicious code in hello-world-npm-demo-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b3d59e455a083fe1d90b99dc29e2b1d207b769331e331fd1e01a28e2a1e7060 The package hello-world-npm-demo-example was found to contain malicious code. Source: ghsa-malware...
Malicious code in @crepo/crepo-url-query-mapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8556f30a48d0b1c957d0d66394801c28e6259503ed20f4cbf900102b962ee5f The package @crepo/crepo-url-query-mapper was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @signify/vue-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ff7ae41abedc64bde81c60772d7adf7e58c51a651ce76e0684c0ea713fe130d The package @signify/vue-components was found to contain malicious code. Source: ghsa-malware...
Malicious code in aiihttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e98bbfaaccc91213e80bb0a09f5081a5701cf01629ac8b82370adbbbc42178b0 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in atm_bmw (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aca0601b1d8613895ac524d33f93ab92365d464e80eb526e58e2ca919abba129 The package atmbmw was found to contain malicious code. Source: ghsa-malware 20fd437233c7e774bdca9f661a997a94bd0d8373866763c3638f9bc12c588c5e Any...
Malicious code in kid-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bc35802113ea5c7ac4e3d956e72af4ce3fbc5a9b3b8fc4c9d610d158d65250a The package kid-api was found to contain malicious code...
Malicious code in showdownxss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bc880126bd2e6f146d20b5f0ffac063167334b69f8a27a8e39446e2aa60ab1a The package showdownxss was found to contain malicious code...
Malicious code in pdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 671a0098c14338197a26cb64b7f5c35c0e741f3151313fff784bc7a4862ad579 Package is designed to download and execute a remote script, but the script itself seems to be broken missing or wrong URLs. It's most probably a test before...
Malicious code in common-cli-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b4c7bdeaa334d938afac649a1c3195ff47bf6fef18168e78b61ad22c6252450 The package common-cli-utils was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @vietmoney/react-native-htmlview (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82606664e32d7050a729171d5dac24f54950e90b7259a7f90a582e94632fcc61 The package @vietmoney/react-native-htmlview was found to contain malicious code. Source: ghsa-malware...
Malicious code in landingpage-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d33042e8f056ce06ca8931599f3a0d11547dd6a7d11d2f74ecc0140bd247533 The package landingpage-service was found to contain malicious code. Source: ghsa-malware...