225914 matches found
Malicious code in launchdarkly-cpp-networking (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6c4fb76fdf3a3ab10ddc884a1fcc11f57ef3b0e44df500c5f2881f40cec0b20 The package launchdarkly-cpp-networking was found to contain malicious code. Source: ghsa-malware...
Malicious code in cowsay-caps (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17661a2b5a74d9c2f32dceee01043881ce230427c3121c4bdd6f43987e49765e The package cowsay-caps was found to contain malicious code...
Malicious code in hangimani (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4eb1b67eac28a42f372ecaaca274a28d15972e3cc8e063492f977364538e6c41 During importing the module, package downloads a second-stage code from GitHub, which then runs an infostealer. After that, the downloaded code is removed ---...
Malicious code in hultine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c6e91ab35953cced9cf886a16976bb282de1dcf804938f4179a2dcf8dc1af731 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...
Malicious code in base-local-planner (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c0cb640a181ee8e6c31d4f0f87e8768b7a67b70174dd65794e8d980909eac8a3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in marshl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e44ea5c8f70f7ca994880bf0bc0a6b2ffe444b3c57852ab81d0426fdbc8f6f22 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
Malicious code in genvia-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 daedaaf2f945a1cc86a93f479d8284153533d387ddd7b00418991a7998a37e11 During installation, the package attempts to exfiltrate specific sensitive environment variables. --- Category: MALICIOUS - The campaign has clearly malicious...
Malicious code in colorss (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 de8be235bf17ee738265f4a0254263fc0caeefa1f9228c9f6f122dfd7b2fac2d Package silently executes in background a remote script. During the analysis, the script was not accessible --- Category: MALICIOUS - The campaign has clearly...
Malicious code in wandb-widget (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 055598effefa8c10844b4dd82763ed5786623a04789583ed67d9a32e9342d45c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in learning-curve-projects (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 535d27590bc02eadc7c52e7179ac183cfaac3079b16ae34a204e55b3e145ae62 Package contains hidden highly obfuscated code that is loaded during importing the module. --- Category: MALICIOUS - The campaign has clearly malicious intent,...
Malicious code in roots-cms-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9670a58bdf8573b9c7d94a74cf58593a55692bfcf33d931693680389b981f89c The package roots-cms-client was found to contain malicious code. Source: ghsa-malware 88007d193d64ac8d7a2a970903353601b1f620a48f22c3cd3c7a838da0cce4...
Malicious code in c11dff444 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d47b3f981fe050f2eab507069b880d1c47c4107c28eba0d1a16010400a249ad The package c11dff444 was found to contain malicious code. Source: ghsa-malware 437d8651f7d884d1905e0d01e2accffb3fcce5408fc4a6b0ef2ca6c37f0bade4 Any...
Malicious code in teaser-nav (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebbd539070b3d1fb400c41280034565422204c7bf4047b965f596d56245c345e The package teaser-nav was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in mkdocs-dataopslive (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a4d8685e053f4695197aa6f21d1fbdad08a1162352aa913aff91ea9753036529 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...
Malicious code in sharedclasses (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d92097d15ef8e4712a31a9d8abdaecd9e1afa7d718078fda3457ed45ef6a1c6 The package sharedclasses was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in fastpi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2928970260fda87aaa57272b8042ae1a9661ad1a1bdeec1e73903e84ce3354cd Malicious copy of the legitimate FastAPI. The modification loads code encrypted in one of the attached files. The final, highly obfuscated code is most likely...
Malicious code in mbo-letters-cl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d367723532d1a3f90f88a1d23230230dafb47b5f26a68af29aafda36084f5417 The package mbo-letters-cl was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in snapshot-date (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8e86008d35e5f11e68c465940563127cdc9ba1d4b2963f092914bf8e9ce2587b This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...
Malicious code in euskalplantxa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa75d57475518e4ef5865992ffdf7b0137f3af90a6672bb44113312d6598fe5f The package euskalplantxa was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in ezviz-shop-mall (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e8fa924e1aabab970bfb7f4b014f4f210acc59d591128c45fb41c33e1e8f8c3 The package ezviz-shop-mall was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in banquet-runtime-modules (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 236dee5bac395a6446685322fb3dadb454e4b7f7d43a132111a8392721fed206 The package banquet-runtime-modules was found to contain malicious code. Source: ghsa-malware...
Malicious code in userver-requires-at-least-python-3-10 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 482925eb73388f3c834ceef6db5714f819970521367f7129878e38afbaa08bf0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in dhgshop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcf692c43737b2f7360ab017ae983283e98b2d2591a90a3efff90685a95d2632 The package dhgshop was found to contain malicious code. Source: ossf-package-analysis 194b5b6f2e47a1b70386a65d094c4b7d07a4fad392f36512b21542203c931d...
Malicious code in theanswre (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3a5007e2f06a55345366f95d0073e9980436e74745540a4e9b43c8a1836c4bef The OpenSSF Package Analysis project identified 'theanswre' @ 0.2.4 pypi as malicious. It is considered malicious because: - The package execute...
Malicious code in securedrop-workstation-dom0-config (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a496fb67ea100acce3d945e16e2d50d6d3181a322017f80cdf8c01006a49aade Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in mcp-pdftool-plus (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2e92dea8be02288f271dacad2cd77f1bdd54596da1691cb738c4a7b7b4f77d21 When using the library, the hidden code starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign...
Malicious code in tableasets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3144974fea7e1e56465e9ba49f98ab0457b3adf75130300002c47f415d64fbd0 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
Malicious code in tableautes (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 db2caf2b50286de83c99e588ab33e86d828ff3c39fd0dac1c5f3da229cdfced7 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
Malicious code in researchpoc2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 543f158149a74f451a6b81f0c088ec8bcfbfb019477a57c17c44da8e58e2df3d The package researchpoc2 was found to contain malicious code. Source: ghsa-malware f4dc24e7a14111cc2df68f08d7e66d1493e2c98b12d547140775f16bfe49f56c A...
Malicious code in jwt-pack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4102b59becb214e216d479ce014231e41dd264560b48ef7750c7006a3c86e7d6 The package jwt-pack was found to contain malicious code. Source: ghsa-malware c16aba10441aad949bd96fd2a349f2f59d62bf56708394fd925b432c57e2c91b Any...
Malicious code in n8n-nodes-comfyui-illu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f55ef8a1d72164c700fe4a5c05d4fa8150e2162291f8a65f5505304b2aeb46b The package n8n-nodes-comfyui-illu was found to contain malicious code. Source: ghsa-malware...
Malicious code in wallet-icon-font (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a89aa304ab9d5d7a44ee3e88112f9e35b876ad03a87090749c929e882289c721 The package wallet-icon-font was found to contain malicious code. Source: ghsa-malware 319f118931c6d4b46c7bf09c9474dd23e24873b1c32f093f631cc3dccd10ec...
Malicious code in turbotax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 482f0494fdcfb328794613ca7098174eb93b12a55cc53cb57b73930df8ad238a The package turbotax was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in morty-package (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d87e4d2c5f3096d67a98e166e70ed6d4288c7d7554852e8d14bb60213f9a574b Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...
Malicious code in epic-asset-uploader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc2cb990940a69aa54175e17a56f993e9c380e4eb2bbe8fc9f6e86c09b252464 The package epic-asset-uploader was found to contain malicious code. Source: ghsa-malware...
Malicious code in pypi-package-explore (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 54257ec88b5f7a5bd69177f84a4c396ab208e727ba1c7b079056f1fab2705c37 Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...
Malicious code in kol7a (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a81ab7bff0ce4494ac98d492444f18a8ec22e0d34f4cbaa30314de910b6a1039 The package kol7a was found to contain malicious code. Source: ghsa-malware 34930716d17313165d83a1830db1542583fbd4c6e6cf873c66cb3dfb5fbfb336 Any...
Malicious code in lvldragdrop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58ce81a159192ad7b893014354e6d4e99dd61e918b75bf4a1c2e787d3373aa26 The package lvldragdrop was found to contain malicious code. Source: ghsa-malware 78a2a28643bce407d3eb1ba2f9524eb15c5bdf4879ffb0cc93e0ccef865fab26 An...
Malicious code in pytorch-mutex (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4959fc9ffb04b2e53d068fa3e6564a21dd3bd4b6374324416a643c3e58ebe330 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in chai-as-extended (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1dda9ad39b1f120fc9fe5a856dbc209c2441a9c6de305ae72a35ec94ef31862 The package chai-as-extended was found to contain malicious code. Source: ghsa-malware c852649226583defd7fce57e5a82645ae50eeff8376ea06c070170b31c0a66...
Malicious code in dotenv-embed (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bbecb8b9bb96fcd71af0764df5106d8163ccb94c21960bf858383ab85d10308 The package dotenv-embed was found to contain malicious code. Source: ghsa-malware eb5a7942b654b4da1fb16e67f19ca82b3b52c4fcce4db85e9d5596571651c6b7 A...
Malicious code in chai-async-tests (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fe54f3f00b12c9b57fd672be7ddbe4a46342c24fe308c31f31c6156ae436d8b The package chai-async-tests was found to contain malicious code. Source: ghsa-malware 4303ac7ff339f51dfbc53ed8c70cd02a76123b62e0448bca935128fd313ab3...
Malicious code in chai-sub (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a9fb8daf2c61a42d820b2e0f8a846b9f2c95ed6a1cdc4c19a7d80f3398b4a21 The package chai-sub was found to contain malicious code. Source: ghsa-malware 94d4e0fa1548915ba6f77782a735206056554990f47f65aadc5781a23474b855 Any...
Malicious code in chai-px (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfeac68ac3a89859c0a6c38e5d55e4e2e9b9ffa77476a10cdc1d31de070bea68 The package chai-px was found to contain malicious code. Source: ghsa-malware 708ec6326dbafd483773c64035513b5cd8be0a0842c3d44d92af9eee01408b8a Any...
Malicious code in chai-chains-async (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4f83118d80cc6575c1c629c8591ed8a6a7a34ea03591cb737cdfb6ac45f0738 The package chai-chains-async was found to contain malicious code. Source: ghsa-malware...
Malicious code in @pukpuk1/somsodamsd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1fe2dc16d3713a1dcc39d8fe68cd5a522648569a02d75fedfc83534792701b2 The package @pukpuk1/somsodamsd was found to contain malicious code. Source: ghsa-malware...
Malicious code in somesomesome (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18ac4cdf90f62b12288a57c534bcb83bc35de128259f75f906169c33813dfba2 The package somesomesome was found to contain malicious code. Source: ghsa-malware d1683803620919909c2838f7003b5c93054230dba6b2f347314ffd3e78b405c4 A...
Malicious code in somesomesomesome (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 501ce83717dc490a4b5550820a3d811bc7a90579dbf986bfb3013d0997ae3802 The package somesomesomesome was found to contain malicious code. Source: ghsa-malware 6ac6ff72ae68c24308f36c03065bd3d4f95aea678ce410a4edb706f73499e6...
Malicious code in vuejavascript (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74bfba97bf13d06059aaa4317c042bd9d5400372e605f35803c29cdf82bcb9b2 The package vuejavascript was found to contain malicious code. Source: ghsa-malware 67afa0cf78a4b560d1f76b6ec9e91a607062ab8f07a96755eada02b4fdfeb2a4...
Malicious code in somsodamsd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 437d384f1bedaaf93abee9ecf1219d3244c96b0086ec0ed005374d28fb9d4522 The package somsodamsd was found to contain malicious code. Source: ghsa-malware ffb9c516d18ccedc5e8858843b9cfe1507126bf2d577896d21391b4f0d211a9c Any...