225892 matches found
Malicious code in request-httpx-9 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d8547656202b4eac0d914d466c2fe1d3bf17210c63af75ac2d8e020f5d0ef28c The package contains a Telegram bot running allowing for remote access. This functionality is disclosed in the readme, but the package name clearly indicates...
Malicious code in react-markdown-canvas (npm)
Malicious package due to data exfiltration via Discord webhook on install. Collects IP, hostname, and date without consent. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4123db6526d8c37f99fa33e2524edc97922efef6b1605dc0a8acdbf41e76cc77 The package...
Malicious code in newrubylogger (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d10fd2e8adb621ac6bb3b4cd31357213d90dd17f27cd1f01d5e8e7138686d7c2 The OpenSSF Package Analysis project identified 'newrubylogger' @ 99.9.1 rubygems as malicious. It is considered malicious because: - The packag...
Malicious code in cnnct-eaas-corre (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 2111dcd49405f8c078842cf7af9cfe21ddb54f558d66f2949da752d0e62cddd1 This package appears to be a typo-squatting attempt targeting connect-eaas-core...
Malicious code in request-httpx-4 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b0c661d240f626319e5ff1e52562ca1d4a8a6c741126a91e4d46a9ed639cfc0d The package contains a Telegram bot running allowing for remote access. This functionality is disclosed in the readme, but the package name clearly indicates...
Malicious code in secure-monkey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86cd85a74e391ecd4f01e0ca9a2f8db368edc52021d175bb01a957669f2301ba The package secure-monkey was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in scraper-npm (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5705e85e8288aeffbfe964329624dcbb5b2e30cebb0023da5b605ee5fb0aef4e During import, the package exfiltrates files especially .env and JSON and eventually configures a backdoor by adding its own SSH key to the authorizedkeys. ---...
Malicious code in react-dropzone-truffle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deb9aafcb06b44346b4a153006bf1230d02f97d4f76ac2797f42a22005658c85 The package react-dropzone-truffle was found to contain malicious code. Source: ghsa-malware...
Malicious code in npm-security-testing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bf7ca4cfc33128c3d392d0df3b413365624b0e28a8215a7f0226ca4ec459730 The package npm-security-testing was found to contain malicious code. Source: ghsa-malware...
Malicious code in rbxm-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89cc90689ea111d792b6dc071f39e060c440f492130ef599233cf0c4526f55e4 The package rbxm-tools was found to contain malicious code. Source: ghsa-malware 8b70ded43c5def740a34e33c94903aa957ced0450fffd844a1e0f0d4122aea94 Any...
Malicious code in en-thrift-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f945d24e348a2afdfccd5c12b3b3a25280087db3e659a2de6002fb29347ce6ec The package en-thrift-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in conduit-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7f95b03bc8b7d9992089476c92239b5de48ab75b1d3c1d13e9b231dcc79a52 The package conduit-utils was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-code-preview (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5abf0716d5a814e3cd0ca1da245819d81f5238adb1911513d88b36825c7a99be The package vl-ui-code-preview was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-contact-card (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a26177e2527de2d73ffbdd96d1ebe7113d3a9745726b1aa8fc4537813caa889 The package vl-ui-contact-card was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-action-group (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 681eef2c6f7a9061c23f448a351fbf64b8d5302e6343f486e534c4a440b1e793 The package vl-ui-action-group was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-button (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e34ef0af8a8e8cc96afd0941b0fe2a5259eb4d2cf73564c5dde8b97a2bdf766 The package vl-ui-button was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-breadcrumb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81c270ce4308a58eda8d509b95c7598472480a53a99953d598e400e85440f563 The package vl-ui-breadcrumb was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-body (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd90d73547d2e88c7a229ca9924f96c2d5e43bc5b1a8cb6b8a182d322d783510 The package vl-ui-body was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-checkbox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b636f4789648035c4ee34537313e51b2e4ba39f2f4ea19b6d8744f61a12bce3 The package vl-ui-checkbox was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-accessibility (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a7e52c3145cd55d304bb64380b4ac900f8fcda605ef0d88ad4b445709c1fa6f The package vl-ui-accessibility was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-alert (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4b178c0c090ebb69682438481586f4d0c78dbcd8938f14ce595469fe3796916 The package vl-ui-alert was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in myasicapi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 62067570b5217e75a025ba09e5e4f0d059439d8a7d30e056bdd501fe97e4f844 The code and related Github project promise to monitor hardware cryptominers. However, the code additionally hides two malicious capabilities functionalities: ...
Malicious code in tensorflow-opt (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c2197ee3bfb727ff46f407a50a515013ad05c423bfe202eea90eb6b593f08b14 Package is likely a dependency confusion against some legitimate extension packages for TensorFlow but contains just cryptominers. When calling the "start"...
Malicious code in trunket-dev-driver (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9ed872a63bcf6182fad3d7b6cfbe87019ff531f1ecff3a511b10371479c79810 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in dt-fe-t2d-marketplace (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48922e442917f5a5e22fd0e0bf4261cc99445547cfe91bfb017bc2443c2203ec The package dt-fe-t2d-marketplace was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in the-storyverse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2885a4f6fa566cedcd5c365fe4435186a31ed8913af26f8a06bbee3d760e66cb The package the-storyverse was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in home-robot (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f5296b22d674fc768fb08662c83b8de3fd07455f6fc2d4f7b433319551cb808e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in microsoft-cms-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c507e9ca51bd8797443e8339d9069ce7a53d5b16d99e2198f6f856fcfa5a1ecf The package microsoft-cms-client was found to contain malicious code. Source: ghsa-malware...
Malicious code in airbnb-identity (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 40e5d276e9f30fb5f1071927366f0f13024da90b79fdfb1967cc5bd6d2330342 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in azure-postgresql-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bed0aaccd7198eac8f4076c1eec5f143ae28bdcfa8bbf990a62ff7c65411707 The package azure-postgresql-auth was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in rollup-plugin-polyfill-swc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae0f8211aafc83248f37c6f92d0be49953ca3a84aa2394b4aa8f5cd67f605a7e The package rollup-plugin-polyfill-swc was found to contain malicious code. Source: ghsa-malware...
Malicious code in parse-compat (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f14189ba3007a51617df87911f83c0c765d38bf6abe23b5aecbbe60cd8646c0a The package parse-compat was found to contain malicious code. Source: ghsa-malware 90a657719347c80f56dab387dd9beb25be7af98e9580382365a65feb0fd53243 A...
Malicious code in uudi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdb12754a69bd912f7d51fb243c65d7c681cc0e15a17b561e0a491dd49dbb095 The package uudi was found to contain malicious code. Source: ghsa-malware f7b138cbc39567b6578a6cd48c9b8c7384a2bf7623d0d4542c9e37a1960b329b Any...
Malicious code in crypto-locale (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e346cfc58b0d84fb5b56985729f7ec92a226ef106b0ab10f299e65a62028834d The package crypto-locale was found to contain malicious code. Source: ghsa-malware 00686734db6a3f5477c1047f779749296dddb0c7eab5294000e13ed7b194c74d...
Malicious code in detect-cache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f7bb76ced9a07af5292a6e90596305f844da2d89fc98329431d360797c4b1d4 The package detect-cache was found to contain malicious code. Source: ghsa-malware 136a28b5b046aa8efe7f9f0084f8f700650cdca446449494ec58b8414886f0a0 A...
Malicious code in locale-loader-pro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cfe4223d443a4180a9c6113449817f38d1d72fcd6f2f4cb42525dcb391c82b5 The package locale-loader-pro was found to contain malicious code. Source: ghsa-malware...
Malicious code in naniod (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 770f12de16c059d53c80a9f7e99035fcf1f454cefcedcf6ad4e7893e8a775726 The package naniod was found to contain malicious code. Source: ghsa-malware 5956bf743e4cd707100421a35c80a88d7dfd99a213b2c584c50b27bcf12e0952 Any...
Malicious code in scan-store (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b30789e67692889309fe10b2d66e73649dfffbf9644ad1d11175b74334e5473c The package scan-store was found to contain malicious code. Source: ghsa-malware ebbe0d7aca9839086433d668a6b236303aa5f4c8be102ffbb7ffc9a8d73ad79c Any...
Malicious code in ethres (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba3cafe0e65ebbd1b4bdd577f7277b921eb7e3cf52e5fb46d8e6f6f34b2debd5 The package ethres was found to contain malicious code. Source: ghsa-malware 10924cf4fae0e118a99b95cf45376a7f42ff743f1e8830e78e801c473e0ddd88 Any...
Malicious code in veim (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d31b89b91cb42611b74a7be2b2f6da42d03473a69e463276f87761d0ede8c71c The package veim was found to contain malicious code. Source: ghsa-malware e9f54d28eecf643750d870dc5e02deec7b66e42cdc998c589c6de0e58341bc47 Any...
Malicious code in yarsg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c2ed8a6379e9f5833efbabb80221cc55ce3456a95d14c77ede9ab581bd8f577 The package yarsg was found to contain malicious code. Source: ghsa-malware 71a7932af2640f624c7daef39143653ecaa9d843bda52f61c22687210fc9961d Any...
Malicious code in crypto-reader-info (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28e31fe14a706d54aaad373a2174a83c58af8a065a0e8e5c98c201e3b986430d The package crypto-reader-info was found to contain malicious code. Source: ghsa-malware...
Malicious code in hardhta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc27417b62c3ad399e369577764608120ee2b3662367f1d51bf5fb8378560bcf The package hardhta was found to contain malicious code. Source: ghsa-malware e4174e96a92d9c0d7bbe499ed40d2e4cab9635c61471a1602fd117d8115e2d38 Any...
Malicious code in node-native-bridge (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc9503b92533dc98c475b75c09a1c40fcec67ad7b56c488b9677c0ff0740c4d2 The package node-native-bridge was found to contain malicious code. Source: ghsa-malware...
Malicious code in rimarf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa2b9a60774917db6a41edfa73a6fd3857866642eb502367b1d1551d9a1bc0f3 The package rimarf was found to contain malicious code. Source: ghsa-malware a34f8c6537be93ad97761160da11ce153ecb0e128aa76add4d2c46671c4de0c1 Any...
Malicious code in secp256 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5474e89cc8b0f2d2e5c37d3a2bad92455e82535d614d82fb0ff96979ba1ac2d3 The package secp256 was found to contain malicious code. Source: ghsa-malware 12775af1dc40ed0560ed3a8265ad9a1c9a122b3860a9f081e190b2ad8f30ba5d Any...
Malicious code in format-defaults (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f00cab7061e49ab4c27f149d8944dbf016be470f0a6380b58d1432ce3c5dfd04 The package format-defaults was found to contain malicious code. Source: ghsa-malware 90aea488bdca1dafac7912501be1bdfb01e2304e4a110715802f98994f2c712...
Malicious code in claud-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 858992810c1a4133d95b6fa19033c07591db548a46df39b67e0d393d7dd212ad The package claud-code was found to contain malicious code. Source: ghsa-malware 5fe9842d778d45ad5b5e4d81db678d608711dd4b186e053569dae6f210481651 Any...
Malicious code in cloude-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ec24ba80068a14617a513915da6a3751b60345b9c1e9144a362c4b85abefdc6 The package cloude-code was found to contain malicious code. Source: ghsa-malware 8da7714f501eed0c20e3432333dc73d1707e7ef16a803df07b6d73fab1945be7 An...
Malicious code in iru-caches (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bedff4313b653182b12500ff93779e0605bbd045470b58245a0ab47629e3404f The package iru-caches was found to contain malicious code. Source: ghsa-malware 2f24ac88d53abde060c0a707ee445377609019c4e9f93e40218672b204cb50ff Any...