Lucene search
K

226591 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 7:26 a.m.5 views

Malicious code in simple-node-calc-b (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78b115418f82ef73f995f3bf6b0cb8bf50da516b56c691b76ccb939491d2b046 [email protected] ships a binding.gyp that includes a modules file declaring "lodash": "!node lodash-compiler.js". The gyp !... syntax execute...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 7:26 a.m.8 views

Malicious code in simple-node-calc-a (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9a86d4aeac1d4f5fc458b3058f4b13229cd2097c9d8e5cf3e4d45aa24980ad8 [email protected] advertises itself as a pure-JS calculator but ships a binding.gyp that triggers node-gyp automatically during npm install...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 7:26 a.m.5 views

Malicious code in simple-node-calc-aa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7274769c1f72a3c00ec34290bd2e0dff85b9c41d6a85cfffc1b164b46280de72 Package advertises itself as a trivial arithmetic helper but ships a binding.gyp whose sources list uses gyp's !... shell expansion: "!node...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 7:26 a.m.6 views

Malicious code in simple-node-calc-ccc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9bfe35484999f40374a6dcfea11247cf3407a3177e27506c714407b9384036a Package name 'simple-node-calc-ccc' presents as a trivial calculator but ships lodash-compiler.js, an 87KB obfuscator.io-packed file using rotating...

6.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 7:21 a.m.5 views

Malicious code in subsearch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04245cd013e6aa9edb766cf14249c9dd6abd19d6beb9671c22a1a8bbbff3d511 The package's main entry index.js is the only file of substance and is wrapped in obfuscator.io string-array + RC4 obfuscation that hides every liter...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 7:10 a.m.6 views

Malicious code in stitch-design (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81a0c5de3abe7924f58304e27e1537821c217c9348c060b31c5424407f9f10cc The npm package ships a preinstall lifecycle hook scripts/preinstall.js that, on npm install, reads classic installer-secret paths — /.gitconfig,...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:53 a.m.6 views

Malicious code in based-32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52ca241d887ed83628c8c4a4432ca0f832d092e6058c7ab4250cc5b169ba7fb9 based-32 advertises itself as a zero-dependency RFC4648 Base32 encoding library, but dist/index.js ships a hidden trigger inside the exported...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:46 a.m.5 views

Malicious code in howdybase32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0eab759e668db62de0eaa10d1f5d32c689b00c7c3d6d2b1517439cc5df3e956 The package advertises itself as a fast, zero-dependency base32 encoder/decoder, but its only bin entry bin/hibase32.js silently invokes...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:46 a.m.6 views

Malicious code in nizzybase32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd8ad52e73a1c796a1dbe22501f4ef2d42f3ceea98cc259e1ceefb1a214cfa56 The CLI in bin/hibase32.js computes SHA256 of user input and, on one hardcoded magic digest...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:43 a.m.6 views

Malicious code in base58-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 048a186e2e59bb0b7d9986c7099e527390e38690292bc49e237578a471c56680 The package advertises itself as a Base58 encoder/decoder but on require schedules a delayed payload that performs multiple installer-side attacks...

6AI score
Exploits0References12
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:43 a.m.5 views

Malicious code in bs58-86 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 057e2e470e0bc9dbfd2ff37955c0c7d051cca944025b9d62c882ffc98c4434e5 Package [email protected] reproduces the name, README, repository URL cryptocoinjs/bs58, and exported API of the widely-used bs58 base58 encoding library...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:42 a.m.7 views

Malicious code in base62-86x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 811002816e7f72588c7c6540b088af5c44b8280574e43dbaeef4701fe377fe9f Package impersonates the legitimate base-x/base62 library by Daniel Cousens name base62-86x, homepage pointing at cryptocoinjs/base-x, identical sour...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:39 a.m.7 views

Malicious code in agentsync-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 430fd9891020d33aa720cede12887f97615ac764bd8af19dc27f18bba4729c38 The package advertises itself as a zero-dependency pure-JS markdown sync tool 150 lines but ships an undocumented 2.9MB Windows PE binary at...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:39 a.m.7 views

Malicious code in agentsync-pkg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b383c760dffae4a26d7f94b433bbe00dedb2426b23f4713610d6f5f36c594cf1 On every import / require'agentsync-pkg', src/index.js line 152 resolves bin/native/parser.node and calls require on it: const p =...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:14 a.m.7 views

Malicious code in logfmt-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb22b2557674e7d616805d8a4086d69e02896be169b9e5d4d053eb3628ebe038 On npm install, scripts/install-check.cjs registered as a postinstall lifecycle script fetches a JSON config from a hardcoded anonymous Vercel app UR...

6.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 5:56 a.m.6 views

Malicious code in polymarket-stake-math (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8a5200cef3811ce98e489080709917dfafc2216a17f90329b9930e0f5f630a1 The package ships a postinstall hook scripts/sync-peer.cjs that runs on every default npm install. The script compares the installed version against ...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 5:56 a.m.6 views

Malicious code in polymarket-stake-maths (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 657363aaa0b94385d30a26c1f4ee67923b0d877975850ad08f8364c2a901d8e7 On npm install, the package's postinstall script scripts/install-check.cjs fetches a JSON config from...

6.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 5:49 a.m.5 views

Malicious code in easy-time-format (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68e3ed59cdf42b986633df92080189576ccb0c6482e9418dab47b72ac45cf97b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 5:29 a.m.6 views

Malicious code in tokenization-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81f8a194aa79844110dede95f5f8c798d05c04c08f1a4f5d8822124b17c65fa6 The package advertises plain math/formatter helpers but index.js contains a heavily obfuscated payload concealed inside the calculateTokenPrice...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 4:57 a.m.6 views

Malicious code in unifydata (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c62d93328810f03f3aac73777f406eee1b3413e1c3320eb87f3445754dba9d3 On require'unifydata', index.js calls initPlugin at module top level, performs an HTTPS GET to https://jsonkeeper.com/b/B40HL, JSON-parses the...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 4:43 a.m.7 views

Malicious code in anthropic-claude-latest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39eab369e2498da827d3bbd331effdf24b99ab28961e62da7328e4476e328876 Package anthropic-claude-latest claims to be an 'Official Anthropic Claude SDK wrapper' but ships no Anthropic SDK code; the README is for an unrelat...

6.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 4:29 a.m.7 views

Malicious code in block-slot (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45d25c6b3ae56eaaf7f76995fc0b6f93a8499b9cbe2315446a63cb5601d841d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 2:16 a.m.8 views

Malicious code in @su-doughnym/metrics-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c1b02acc9d8d069bfdf5db415cb18c33e05ffdcd577532cfc3dbd112e4d9a6f6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 2:16 a.m.7 views

Malicious code in poc-publish-test-su-doughnym (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54e0dbb8f5ce514035d0c4596f5b78b47f14ab145f2d43172bf13b595df78661 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 2:16 a.m.6 views

Malicious code in @su-doughnym/loginui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97528ba896a094d6b1ed4306c1553ae6f3887d808d4e4bcb6d03d9ee29e1a8b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 2:16 a.m.6 views

Malicious code in @su-doughnym/react-dlb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c4b5ea9035f910a7193b9da02623e92d8364869382bf683b3469ea3a2b46fdc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 2:16 a.m.8 views

Malicious code in nabisco (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c6b974c237c0a7f1806c58521bb7f5353e013785144f2124b21d0fe676c2b7c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 2:16 a.m.6 views

Malicious code in two-factor-prompt-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7f55251c2837eacfe7f8b0c2ab44077608dc2562f3c167dc1d2927b9f730fad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 2:16 a.m.7 views

Malicious code in @su-doughnym/hubspot-loginui-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e22fa4def0472cf65c32dfc2476ccebd428bc92163cb0095bea52240b1c1c914 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 2:16 a.m.8 views

Malicious code in data-fetching-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e3b28cd7d92e52caebbbc24439e3075e592ca43dbeb5cd711d4ccb3df74c1ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.7 views

Malicious code in solo-nav (npm)

The solo-nav npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.3AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.12 views

Malicious code in leo-auth (npm)

The leo-auth npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.10 views

Malicious code in leo-config (npm)

The leo-config npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.9 views

Malicious code in serverless-convention (npm)

The serverless-convention npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.7 views

Malicious code in leo-cache (npm)

The leo-cache npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.13 views

Malicious code in leo-sdk (npm)

The leo-sdk npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.7 views

Malicious code in leo-connector-mongo (npm)

The leo-connector-mongo npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.6 views

Malicious code in leo-connector-elasticsearch (npm)

The leo-connector-elasticsearch npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.8 views

Malicious code in serverless-leo (npm)

The serverless-leo npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.10 views

Malicious code in leo-cron (npm)

The leo-cron npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.7 views

Malicious code in rstreams-metrics (npm)

The rstreams-metrics npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.6 views

Malicious code in leo-connector-oracle (npm)

The leo-connector-oracle npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.8 views

Malicious code in rstreams-shard-util (npm)

The rstreams-shard-util npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.20 views

Malicious code in leo-streams (npm)

The leo-streams npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.8 views

Malicious code in leo-aws (npm)

The leo-aws npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.3AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.5 views

Malicious code in leo-cli (npm)

The leo-cli npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.12 views

Malicious code in leo-connector-mysql (npm)

The leo-connector-mysql npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.12 views

Malicious code in leo-cdk-lib (npm)

The leo-cdk-lib npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.8 views

Malicious code in leo-connector-redshift (npm)

The leo-connector-redshift npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 11:4 p.m.12 views

Malicious code in leo-logger (npm)

The leo-logger npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.1AI score
Exploits0References3
Total number of security vulnerabilities226591