
226445 matches found

OSSF Malicious Packages
• added 2026/04/10 3:29 p.m. • 8 views

Malicious code in siempyl-sumo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 493e667735febe5b3e4cd2cc47ae0b5a09ddacf051dc2804e5e742574ceb5ec4 Dependency confusion attempt. The user identifies themselves as a HackerOne user abusing the PyPI for the purpose of a bug bounty program. This package did not...

5.9 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/04/10 7:7 a.m. • 8 views

Malicious code in @genoma-ui/components (npm)

Malicious package detected. It uses pre/post install scripts to download/execute code and exfiltrate user data via curl from a hardcoded IP. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5fb9acd5bf2a73c82be9ac19b7c0cad285cfea2a4b6ff69655f61e7e4a0c26c The...

5.8 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/04/08 7:3 p.m. • 8 views

Malicious code in black-moon-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c672e4ab8770773551a9ff9b6b95a5740894bd1c689154056f69e5da4fdb879 The package black-moon-js was found to contain malicious code. Source: ossf-package-analysis...

5.7 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/04/08 4:19 a.m. • 8 views

Malicious code in @fairwords/encryption (npm)

The @fairwords/encryption package was compromised as part of the TeamPCP/CanisterWorm campaign. A postinstall hook executes node scripts/check-env.js || true which performs multi-stage credential harvesting, encrypted exfiltration, and self-propagation. The payload harvests 40+ environment variab...

5.9 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/04/08 4:18 a.m. • 8 views

Malicious code in @fairwords/websocket (npm)

The @fairwords/websocket package was compromised as part of the TeamPCP/CanisterWorm campaign. A postinstall hook executes node scripts/check-env.js || true which performs multi-stage credential harvesting, encrypted exfiltration, and self-propagation. The payload harvests 40+ environment variabl...

5.9 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/04/07 11:37 p.m. • 8 views

Malicious code in @sie-ppr-web-checkout/app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 977089aabb00f7d390dd6bf7ad3e9038c4998ec2ccf93a2e38016f525c32f368 The package @sie-ppr-web-checkout/app was found to contain malicious code. Source: ossf-package-analysis...

5.7 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/04/07 12:16 p.m. • 8 views

Malicious code in @aspect-security/argon2 (npm)

The package performs data exfiltration, arbitrary command execution in preinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b426577fc5361773d25297fdb9fce28835e15d9ab86909c6652f5c1b71c4e543 The package @aspect-security/argon2 was found to contain...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/04/06 4:24 p.m. • 8 views

Malicious code in frontend-backoffice (npm)

Malicious package due to arbitrary command execution, data exfiltration to Telegram, and a suspicious preinstall script executing code on installation. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f06949fafe41d4b38a42b1c5573750638b411c02b6edcb1958f3f5aad933d...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/04/05 7:40 p.m. • 8 views

Malicious code in cloudera-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24e0a829db4a908047174ccb540d590c9df780c994d9ecc1b1705247f89612de The package cloudera-poc was found to contain malicious code. Source: ossf-package-analysis...

5.9 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/04/05 7:35 p.m. • 8 views

Malicious code in databasetapes (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d859d21aa59dfad2efc5c2f98253cd1cc808621fb3b7525037c104324e27dfe8 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6 AI score
Exploits: 0, References: 9
OSSF Malicious Packages
• added 2026/04/05 1:50 p.m. • 8 views

Malicious code in @not-nemo/crypto-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f3d07c3fa41dbb4ad057bb2b346b271dcbef43545376e8a8ad252d64abd7e25 The package @not-nemo/crypto-tracker was found to contain malicious code. Source: ghsa-malware...

5.8 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/04/03 7:10 p.m. • 8 views

Malicious code in strapi-plugin-health-check (npm)

strapi-plugin-health-check is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network...

6 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/04/03 7:9 p.m. • 8 views

Malicious code in strapi-plugin-cms-tools (npm)

strapi-plugin-cms-tools is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network...

6 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/04/03 7:9 p.m. • 8 views

Malicious code in strapi-plugin-hextest (npm)

strapi-plugin-hextest is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology...

6 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/04/03 7:5 p.m. • 8 views

Malicious code in strapi-plugin-nordica-api (npm)

strapi-plugin-nordica-api is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network...

6 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/04/03 7:4 p.m. • 8 views

Malicious code in strapi-plugin-nordica-sync (npm)

strapi-plugin-nordica-sync is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network...

6 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/04/03 7:4 p.m. • 8 views

Malicious code in strapi-plugin-nordica-tools (npm)

strapi-plugin-nordica-tools is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network...

6 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/04/03 11:3 a.m. • 8 views

Malicious code in mgc (npm)

Package fetches platform-specific stage-2 payloads from a GitHub Gist. The stage-2 payloads are full Remote Access Trojans (RATs) for Linux (Python) and Windows (PowerShell) that beacon to a C2 server, exfiltrate system information, enumerate directories, execute arbitrary commands, and support binary...

6.1 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/04/02 6:21 p.m. • 8 views

Malicious code in exprrrress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3605883655f4870250aaab1c630151c6264e54521d1a711a088871de1fe5ea5 The package exprrrress was found to contain malicious code. Source: ossf-package-analysis...

5.9 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/04/02 3:12 p.m. • 8 views

Malicious code in exaprse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6cac7f3a62099b4980a3948c78a3a231085dece3eac1d5ca3aa0bc3b0d102e5 The package exaprse was found to contain malicious code. Source: ossf-package-analysis e6b772ab3336f1923332b7f4042b5daa8ea5fdef08b605e35f6410c40f6a25...

5.9 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/04/02 3:12 p.m. • 8 views

Malicious code in 4xperss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6de1a8af1dbe21de2e06785a6a5e41a438f356fe440c8b121b808975ef95f5fe The package 4xperss was found to contain malicious code. Source: ossf-package-analysis d8cb27dbe58e29571ce6b777903222af9497b79676e8301021d03f159c5d77...

5.9 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/04/02 3:12 p.m. • 8 views

Malicious code in 4exepreds (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 713fcab117c3d896c25c79498daded14d2b7d69baecb99c233703f421caaca26 The package 4exepreds was found to contain malicious code. Source: ossf-package-analysis...

5.9 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/04/02 12:10 p.m. • 8 views

Malicious code in partner-tracker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf0b992863c06f797a9dddef6a493b0391094c9a2ae31fec47e961dd1afdf562 The package partner-tracker was found to contain malicious code. Source: ghsa-malware cfd28d767cd7e0db43c5c52d0b219663552acd6a5f60a34795736624c5cb612...

5.9 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/04/01 5:58 a.m. • 8 views

Malicious code in pygithub-async-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3c20bbcf01f681691e2c58279ff8311b11abc35424e16ed9adc942cf82cca2ba Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/31 8:37 p.m. • 8 views

Malicious code in latinum-wallet-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 afbe7d2a026f5fb11d3046e061ded50c350b420b146cd446fc0e009cb7190543 Starting version 0.0.32, the code automatically exfiltrates the private key together with other metrics during the buildmcpwalletserver call for the Solana...

5.8 AI score
Exploits: 0, References: 4
OSSF Malicious Packages
• added 2026/03/31 9:26 a.m. • 8 views

Malicious code in officepyai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 563256c9d63fdb25dd344ade9c0df9605a7b22e3fc849f2512f5366e557e562c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/30 8:21 p.m. • 8 views

Malicious code in databaseroboats (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 758a06f15ef5917ecf964bae5fa46f084b028b69c8dd133acb90da972f6a6f09 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...

6 AI score
Exploits: 0, References: 9
OSSF Malicious Packages
• added 2026/03/30 11:55 a.m. • 8 views

Malicious code in hiveos-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6d040e58dddde324da836a19a41eb5c65698ef869ed3e534f662136f1fb48440 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/29 10:45 p.m. • 8 views

Malicious code in bos-decoration-elements (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cb5985779c5099333bec5b084b209c36dea0dd9fa47ef2c2d7c3630c33daaa5 The package bos-decoration-elements was found to contain malicious code. Source: ossf-package-analysis...

5.9 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/03/29 10:6 a.m. • 8 views

Malicious code in interwebz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 02fa95914b7edc63771b97f48f4e05119f87309224b5e9b5aa990ab6dda8acc2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/27 1:27 p.m. • 8 views

Malicious code in monolith-twirp-pullsd-teams (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b0a21f2e863ad85bc56da074019b5369ed68dc7280d0c81ff65dd8425308c7f6 The OpenSSF Package Analysis project identified 'monolith-twirp-pullsd-teams' @ 1.1.1 rubygems as malicious. It is considered malicious because:...

5.8 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/03/27 1:26 p.m. • 8 views

Malicious code in monolith-twirp-scribe-scribe (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b03619db6c705a6825d54849e5322d125ae380dbb1f7e404b46718868185faeb The OpenSSF Package Analysis project identified 'monolith-twirp-scribe-scribe' @ 1.0.6 rubygems as malicious. It is considered malicious because...

5.8 AI score
Exploits: 0
OSSF Malicious Packages
• added 2026/03/26 12:52 a.m. • 8 views

Malicious code in @solana-ipfs/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 767b9130ad69548a70a52f86dfe12ae295731bb407cba85504eb9e02c56d64a3 The package @solana-ipfs/sdk was found to contain malicious code. Source: ghsa-malware 980d6b7d6391f5f58861078fac68f9222d3365190f1482debece7ae55b0170...

5.8 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/26 12:42 a.m. • 8 views

Malicious code in node-coremesh (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c5a0cdd89bf30a4af39a8b084445dc8db5a9433149b2935e8c2ad63a3cef008 The package node-coremesh was found to contain malicious code. Source: ghsa-malware f8ed9a272c9d2d960b2ddae6ef1f7128ff576014f4d3c296ca2b6d74eaea4ceb...

5.8 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/26 12:33 a.m. • 8 views

Malicious code in @opengov/qa-record-types-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0be39ed161d642824f2ce1f8511e03759918909ba0218265174294129a172d01 The package @opengov/qa-record-types-api was found to contain malicious code. Source: google-open-source-security...

5.9 AI score
Exploits: 0, References: 3
OSSF Malicious Packages
• added 2026/03/26 12:33 a.m. • 8 views

Malicious code in @emilgroup/commission-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88cda98ba417752b6bf4aef7eb0ecf7410017226165423202ca4d5886f370478 The package @emilgroup/commission-sdk was found to contain malicious code. Source: google-open-source-security...

5.9 AI score
Exploits: 0, References: 3
OSSF Malicious Packages
• added 2026/03/26 12:33 a.m. • 8 views

Malicious code in @emilgroup/numbergenerator-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb683bd2b58170dd475a632d83ded202109e3d58609bbc2952c83baa19c6f3b3 The package @emilgroup/numbergenerator-sdk-node was found to contain malicious code. Source: google-open-source-security...

5.9 AI score
Exploits: 0, References: 3
OSSF Malicious Packages
• added 2026/03/25 2:14 p.m. • 8 views

Malicious code in super-alias (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10ee12ec5ce74c0899ed60e17d1baf7095efc7ab305e51d4fcf20db72306621f The package super-alias was found to contain malicious code. Source: ghsa-malware 2c8c29e0ebca0170c77383154e5c6f2fe5280412fea18d255b496b94ae0aac5f An...

5.8 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/25 11:59 a.m. • 8 views

Malicious code in levex-refa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba11828b57921035328d22b68ebf7ecb28dde3cedc4b58f874cf39c14583c5e0 The package levex-refa was found to contain malicious code. Source: ghsa-malware 5ce255ba60f9db881f821e9c9268a5c70e002212b5b0df88b274878592d4696d Any...

5.8 AI score
Exploits: 0, References: 2
OSSF Malicious Packages
• added 2026/03/25 6:56 a.m. • 8 views

Malicious code in vision-service-python-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 faa725015cfe04b49bbcf9f472d21a77993c7ca9692ad2b0912e9bd3d2554669 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/25 6:54 a.m. • 8 views

Malicious code in hy-api-utilities (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e47cae7d998d465d8ad1e4944051a42ee3cbf939476004154800628a94b828f3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/25 5:6 a.m. • 8 views

Malicious code in facebookresearch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b2532cd269873dbda78f99b9e22ab736c64c48ba32fa5c27deaf173fdbf33397 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/25 5:4 a.m. • 8 views

Malicious code in sonic-platform-common (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0b7ad70e46087b1ffe41c3d0670c24c58b38e72344c958458af49a25541778b4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/25 5:4 a.m. • 8 views

Malicious code in aristanetworks (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 734e78214abbde694d6041663ec7e34bb9f31c9265856540de7a1c0a8ffe5e33 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/25 3:5 a.m. • 8 views

Malicious code in @shennmine/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04f4d27219071c7adbcedd56c54f0ca559b3d3651e6203b38d5170bb0e239f66 The package @shennmine/libsignal-node was found to contain malicious code. Source: ghsa-malware...

5.8 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/25 1:50 a.m. • 8 views

Malicious code in @eric-orderbuddyinfo/react-noval (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae5f280b7537acc7eb9e1d8c12acdd2142bb02e391be55b2157ed90eb2044d06 The package @eric-orderbuddyinfo/react-noval was found to contain malicious code. Source: ghsa-malware...

5.8 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/25 1:23 a.m. • 8 views

Malicious code in torchunmix (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bee332cb141dec3033a9c1590cfb3df81e7dfa66dd4a4ce0072ccc92f9301891 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/25 12:35 a.m. • 8 views

Malicious code in tailwind-animationbasis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 613bfa904c0195c7d59209123554b2be83ed4a0568c174e8b221e22725fec103 The package tailwind-animationbasis was found to contain malicious code. Source: ghsa-malware...

5.8 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/24 10:23 p.m. • 8 views

Malicious code in snooty (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f8ab89ca752c54d473b700a5521cb00a7d1d54a50debaa5be8be438c778a5f6b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
OSSF Malicious Packages
• added 2026/03/24 10:20 p.m. • 8 views

Malicious code in target-iceberg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 95793a2b88fbc5bdaa5d42387e7472b796fe34c61959909a928f534137c101d9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6 AI score
Exploits: 0, References: 1
Total number of security vulnerabilities: 5000