Malicious code in iosysredis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40ebc0b0ce3b008449dfcb8149458898f7bbbffbac1a58a1ac3f5e002585b45c The package iosysredis was found to contain malicious code. Source: ghsa-malware 0d8b923c8adb27e2f28e5804af5428885fe3b1399d1cead59dd5a505e3c6f586 Any...

Malicious code in undicy-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e5df89180b140f5106db0b74f5ee04330236214094173880f7baf0fd47088a8 The package undicy-lint was found to contain malicious code. Source: ghsa-malware 2713794393ff885438b3aa1cc6dc97cff34cd42825c28e917bf8ec24ee704ff7 An...

Malicious code in awareness-demo-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 73d2724a4dc0c9e8d1439a29324b142a46c456e7d078ba90127777a59bf906d8 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in promanage (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34866a6d91e495c7692a123d4f1b31f1a98cf793744c4649f92eccf97d43ee9b The package promanage was found to contain malicious code. Source: ghsa-malware 55e3f919d2876892f9e686ad04eb2e38c1f5fdb1e3d93f39fc306563d9a4fa18 Any...

Malicious code in uuindex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a373d8c2c653d1b6effee8ff65bba442fcf08d7eea88ec95707680697385646 The package uuindex was found to contain malicious code. Source: ghsa-malware 47c06a7b235c91fbc08cc942c69f1e05ecdb8093c9658bd5ade2b8866cc33f4c Any...

Malicious code in neural-compressor-jax (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bb1f58a45ef1a06954d1807517faea8790a771906e95a98d571587558244ea3f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in chai-lite-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07f2fa37570e8cdb391a3cddfb304c274e9726e3803b150b309816e971577bec The package chai-lite-lib was found to contain malicious code. Source: ghsa-malware c9a6f02ff3187727ac481d692d98a5614c02e6ca28616d6a9d48e7505e63656e...

Malicious code in duer-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a6a00caf26e2e34291c939e8d0351324c884ba9d9c5b74e5cb9c8d78177a999 The package duer-js was found to contain malicious code. Source: ghsa-malware e7255816711503f7b2f4febb10e3d2d8ef36d2e3067366ece224ad3816fbf03c Any...

Malicious code in react-svg-helper-fast (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39fb02f7b438a7ec942c0fa38a79d9d1c8014a7747696a55445376fce8f8d721 The package react-svg-helper-fast was found to contain malicious code. Source: ghsa-malware...

Malicious code in chai-as-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11787dc50e16838c5d9f467010f0aaef81b3e55e916c4dd5d3fc811375994e6c The package chai-as-utils was found to contain malicious code. Source: ghsa-malware eb4208b63fd6e66931d39f1a2cd30193e87a717ce9c3ab68e5fce787d0ffdc78...

Malicious code in sample-custom-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ade5f035c4d3f9fe74cfc0626c8ac011eeea6e88040376a03abee9cdf05290b7 The package sample-custom-component was found to contain malicious code. Source: ghsa-malware...

Malicious code in geocommunes-geoportal (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 818beaf9a2c40fe1d288ab5f872c124eb851c191110b30d222a884e0cbec50b5 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in @schedaero/react-core (npm)

Multiple suspicious behaviors: suspicious URL, data exfiltration, process termination, preinstall script, and few published versions. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9a3637e4c85401af7944fe82cfd79a91d69797ef89cf50334fc3e5bf4fac0e6 The package...

Malicious code in @schedaero/yukon (npm)

Multiple evidences indicate malicious behavior: suspicious URL, data exfiltration, process exiting, and preinstall script execution. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b02868b7ba4a5e5bf754e692e348191e6974f2f707417f20f97b33f172cda4ca The package...

Malicious code in @schedaero/bacon (npm)

Multiple suspicious behaviors: preinstall script exfiltrates data to a suspicious URL, terminates process, and few versions. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1f79d2ea06bc3905829524120560412e8e875463b5bddeb6bad3a343292c20c The package...

Malicious code in @schedaero/net-common (npm)

Malicious package due to suspicious preinstall script, data exfiltration via User-Agent, process termination, and a suspicious URL. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e5e87e24ed2574837f59c3fb4cf21d0c9677b4d5e729f0835fc90a9bf427c4c The package...

Malicious code in uxproject11 (npm)

Collects and exfiltrates sensitive system information to suspicious domains. Multiple YARA rules are triggered. High entropy file. Extension mismatch. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b478ab519bbd87949cad8be7d77296e0eddd01aa0be1b4b168ed2f6a0f7413...

Malicious code in projectrtert (npm)

Package collects and exfiltrates sensitive system data to Oastify URLs. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7b127b8509d4b1ad251567a872811e8a8f4441791c7edadb916c6214be26768 The package projectrtert was found to contain malicious code. Source:...

Malicious code in @schedaero/shared (npm)

Malicious package due to suspicious URL, data exfiltration, forced process exit, preinstall script execution. Impersonating legit schedaero.com. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fde30d72c136b3e78352eecc9a614e37d812dc136aca7d2c685f2bdafd305207 The...

Malicious code in react-devtools-raycast (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 389c48f69049121e3e54751b68803d75bb5d571de2c8caf9c5e5d21f970612f0 The package react-devtools-raycast was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in get-fonts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d55d952f3fb507a89362a1535e7cf7d781b6f26e82c7130ca008af612bfddf4 The package get-fonts was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in trae-browser-inspect (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fbd2b8603f95aa744b92e1f624c31c4afc4dcb7ef634096a331302462b45e1f The package trae-browser-inspect was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in examplereactnative76 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a118efca65c484515f9ae2cee508db99ef356bb6dc1e9ec249858e561f96f089 The package examplereactnative76 was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in rncalendareventsexample (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8233da991559fe765a6e65e5430209a2a69487e32efea7fb5bc27d9a5f37efba The package rncalendareventsexample was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in rtxbbtyols (npm)

Package collects and exfiltrates sensitive info to oastify.com via HTTP in both index.js and setup.py with silent error handling. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a545131c0d6f2f8be5e52e2d51ba1ca4bc79095868f4b3c8169744110c68ecd The package...

Malicious code in @protonme/routing (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e618f44597f1625955e5cafd982eed4bc5eea13d53fb57c344daf811fdb6924 The package @protonme/routing was found to contain malicious code. Source: ghsa-malware...

Malicious code in @unitedcapitalfinancialadvisors/finlife-component-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 158b79753c39be97f6436dd06b4ef12321c0419a81070690604105af362334d3 The package @unitedcapitalfinancialadvisors/finlife-component-library was found to contain malicious code. Source: ghsa-malware...

Malicious code in @atg-aml-shared/kyc-domain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 669af5ff086209bd01c2d69a805bb4272ccedbc54a1a1c0ce79b0794dc92daea The package @atg-aml-shared/kyc-domain was found to contain malicious code. Source: ghsa-malware...

Malicious code in @coinmetro/app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8710d0b7801eb38be3efb787ab05f7dde1bf3d8e16e645c2b587fc6af19a60b1 The package @coinmetro/app was found to contain malicious code. Source: ghsa-malware 298d5aea9a95bac11ef6a844456d1e9144166fa3eb0885775e41a79b1c8319b6...

Malicious code in @kiukicom/sidebar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cb39359f91f7a9efe145c20140da0ac4320a6fcce0335e8619af25bcd76c3af The package @kiukicom/sidebar was found to contain malicious code. Source: ghsa-malware...

Malicious code in @ai-studio-web/app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a29e5e23697b695bdd456d100ba49a1ef5c6f4450b46672dedcd164a073e8eb The package @ai-studio-web/app was found to contain malicious code. Source: ghsa-malware...

Malicious code in spark-audit-notify (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c527925d1e7cb4055b6c154326cd54a713ad543349c2b3b6f8ab8f0d75e8cbe During installation, host identification details including AD domain are exfiltrated through a series of functions obfuscating this behavior. --- Category:...

Malicious code in do-not-install-this-package-003 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3b7a8f2037bd4c28a5474af17179da0c12e37019623f5efa4d081d60758d4ac9 During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...

Malicious code in chai-iotype (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a2528589040b93908e5bf212c3555330685a1e4a864848c672bfc7c9db91d9d The package chai-iotype was found to contain malicious code. Source: ghsa-malware 15de0c2b34317027aeda224019cbe2bd0c8c0e1d0c28cc5ff4f23cb6c0fcbc92 An...

Malicious code in js-multer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50fbd8b0061a32bc73c0f643e53d0522b03117bda560c40b279b8cdebe5a1100 The package js-multer was found to contain malicious code. Source: ghsa-malware 330a991375f32abf73368d5d321c5a485cd844db42ccaa02388ebe61bc013376 Any...

Malicious code in chai-as-pause (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6bc450b711e5bfeca160d6a4836ce78f7da759812438fbf0701cf8c2f95e38d The package chai-as-pause was found to contain malicious code. Source: ghsa-malware 58583a4b9f33e23b3cafb853c51539fbe79e149a4d6e5cdfafa98713d32e64cd...

Malicious code in json-mapping-srcs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1a4791659c68903f36ecfbf9da2e8af6dacdb98a4a525d5f104d43b07260cca The package json-mapping-srcs was found to contain malicious code. Source: ghsa-malware...

Malicious code in es1int-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09abead9af9906c0579f5cce39e4e75fd445a6edaa1a5380db01ad7dd1e274f8 The package es1int-config was found to contain malicious code. Source: ghsa-malware 3eb94b9e72fc93f339c87b961f88c598fb78ecd2d5e4aad405d17c7eb3d513b2...

Malicious code in chai-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27a98b20486f7e7fafdfb30cb31c6f9aaf7d2e05e776a7d59b09dfd9db11e12f The package chai-tools was found to contain malicious code. Source: ghsa-malware cd9e9e8b30b139d7ad4bcef06753d2e9b1896845322a40e0cf0ff862adbcb3d8 Any...

Malicious code in argon-web3-chain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 608cea5b2c28269fa6aa53d4dcd211b83843a935732729e7ec08a2a2130d9209 The package argon-web3-chain was found to contain malicious code. Source: ghsa-malware 6680014069f64072ffb4e22ed7e3779a0b88e7c503644cb0a491d67605078c...

Malicious code in node-argon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a249253a8bb08b645efdf877fb82287c002a57b8170e4977ac7344831d08ae83 The package node-argon was found to contain malicious code. Source: ghsa-malware 67f9534d5ccdcd0354d6b224d85adad29d2c686924ced68999d9d4dfd99ccd34 Any...

Malicious code in dotenvx-ext (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb1944d5124a9fcb2f280723cad9c0c8116d155fc29444186a9e86bfb3609afc The package dotenvx-ext was found to contain malicious code. Source: ghsa-malware a3af4fb14756c0946c71147b11cfa0f09db31ba182c62938c62671d2c2059c8e An...

Malicious code in modify-setting (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48505e42b99b10152a5e8587fc88350de886a6ff02ca5b70ada3d90c9a7e980f The package modify-setting was found to contain malicious code. Source: ghsa-malware 3420a3d9050f94ba247ff8853e7a7f98ee33ca16a7beda959c53463992b65c24...

Malicious code in es1int-re1ease (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e956be3193d45095a913fddc50d7cfaa4954268fb94b94c2234ecbdfedf20a9 The package es1int-re1ease was found to contain malicious code. Source: ghsa-malware c78523a62c16466f08157a46028124f655a0bf4e92f9b7f64eef705b40c99086...

Malicious code in ultimates-express (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199dbb458ff55c6d08022e6326014d56aceb99ef7748d6e898a6faac9bff201b The package ultimates-express was found to contain malicious code. Source: ghsa-malware...

Malicious code in express-soaps (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11b77454b492585237ca44534f8c75ca1428979238d5badb6e7f86f99ec9d88a The package express-soaps was found to contain malicious code. Source: ghsa-malware cd65d37fecf812cffa4141b215b29a24bf83aa9b1052aba67c566690e710a0c2...

Malicious code in request-httpx-9 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d8547656202b4eac0d914d466c2fe1d3bf17210c63af75ac2d8e020f5d0ef28c The package contains a Telegram bot running allowing for remote access. This functionality is disclosed in the readme, but the package name clearly indicates...

Malicious code in react-markdown-canvas (npm)

Malicious package due to data exfiltration via Discord webhook on install. Collects IP, hostname, and date without consent. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4123db6526d8c37f99fa33e2524edc97922efef6b1605dc0a8acdbf41e76cc77 The package...

Malicious code in newrubylogger (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d10fd2e8adb621ac6bb3b4cd31357213d90dd17f27cd1f01d5e8e7138686d7c2 The OpenSSF Package Analysis project identified 'newrubylogger' @ 99.9.1 rubygems as malicious. It is considered malicious because: - The packag...

Malicious code in cnnct-eaas-corre (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 2111dcd49405f8c078842cf7af9cfe21ddb54f558d66f2949da752d0e62cddd1 This package appears to be a typo-squatting attempt targeting connect-eaas-core...