225920 matches found
Malicious code in flaask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f528a95e44d680b45bbab0cb120d39e27bf1c5bdd4e61d4a5e410c9efeb59539 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in backstage-plugin-glean (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 824531546cd7527be37fc4aa5ca2020424a1ecf090eaba3a8974105871c0931f The package backstage-plugin-glean was found to contain malicious code. Source: ghsa-malware...
Malicious code in telebot-bot (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ae13454f920b5cce1011546e4802ed263ce8218d4b484ef8471142abb42c3f3e The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
Malicious code in telegrem (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f2186dc29d07dc851d756bae0b5d080ebe5923efe6654fdb4aa9ec55bbba9b6a The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
Malicious code in bola511 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adc760a1f5b29980f41bbd685a2472e4f835f234b483c17520a81c1c881ca420 The package bola511 was found to contain malicious code. Source: ossf-package-analysis eea756cc3e9de36a5fb64a18448c1134945c9e97ac25b152267025711e7004...
Malicious code in yunxohang4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d338ce37d2952ccdcf9637c7dc760e409b9b046a0406e0aef49ef84d1ab6bf9 The package yunxohang4 was found to contain malicious code. Source: ghsa-malware aa3fc62cbb33b48a9dc4c66dd69e7a0ea084d25daf9ef0c90812126ac4d5f755 Any...
Malicious code in aiogram-3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3d8dac0d1eb98dbfc0fe46cabeadb550699f5e41b5d033ded073f7572f450bf7 During installation or importing the module, the package starts a reverse shell to hardcoded locatiom --- Category: MALICIOUS - The campaign has clearly...
Malicious code in magic-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dea39f25cc72cc9ab080d6f35ef68c9a061a8df5fe184194798109dad36faa5 The package magic-poc was found to contain malicious code. Source: ghsa-malware 89ec0cb0d10ed48f38fd79d080a40f46510b46211da23e64a2c72d9b053cb73b Any...
Malicious code in bettermode-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cea8112bbccd7b047a03169d6591f7ab7f756044a4203b2435152fe708cad5d5 The package bettermode-icons was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in bettermode-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ade97c888752f20137524d28c5b49359ed4187da5edcecb60ead623f40aba3c The package bettermode-common was found to contain malicious code. Source: ghsa-malware...
Malicious code in ing-feat-kyc-consent (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33ec1565e92d1ecffd4215be59b4dbd0d6a1e91be1511dab5c9b6ece1c202507 The package ing-feat-kyc-consent was found to contain malicious code. Source: ghsa-malware...
Malicious code in ing-feat-auth-idin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55080ac00ebd2c937db80d93324226b3fbb9dda607619f44d94dd4c09a8ba0fc The package ing-feat-auth-idin was found to contain malicious code. Source: ghsa-malware...
Malicious code in ing-feat-mortgage-consent-starter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 626d72f10b630f53b78e042906e6724ca662099bfc31e82310575ea19452576f The package ing-feat-mortgage-consent-starter was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in ing-feat-pis-single-payments (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94bc97753b6e7a9fa1430482f3266bf40e985ab97ef48bbd35a8d7fd8f404ca6 The package ing-feat-pis-single-payments was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in cc-raiesy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9156cfe8712328dc4de944c470b2da3184bc49c1c444febc9eccf20f1fd962f The package cc-raiesy was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in aiogram-sever-patch (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0be41c08090971a10e54930628353748c82ed55c0f9795b26a932f806852fd4f During installation or importing the module, the package starts a reverse shell to hardcoded locatiom --- Category: MALICIOUS - The campaign has clearly...
Malicious code in pxdbench (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d0668ec9c7f4535009661c430bc932c09667a7d31aa3f8912a09c65afc21f529 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in envtoolsx (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8718f9207ffeca355720b0d4a59cc778fabe7879fc354837d655affac6a82321 Importing the module, downloads and starts a malicious executable identified as infostealer. Based on Telegram links, this is related to the 2025-12-synium...
Malicious code in livekit-agents-hedra (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8391aaa11b2ae78ceba6cf6eea7b0671d2d21b32d838b94f4504afa13ea832ce Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in adril7123 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07c158e65a09b5e455b852acb29ec1b107df59e30a6b3760fdbf3272532b64d2 The package adril7123 was found to contain malicious code. Source: ghsa-malware 94f91e9ba95b42dff0bf2cb7a9885e66ce64b1ff324967c5ed24203322917e15 Any...
Malicious code in @airtel-web/clickstream (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3fe59d4697403d2c084c34ca36fe20a14b48c6e1c581877e8ccf9f4ea6cb6a3 The package @airtel-web/clickstream was found to contain malicious code. Source: ghsa-malware...
Malicious code in secguest-react-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b76ab99d9a667e9700bb0176dde546ff3748b742775ea322766035a730391891 The package secguest-react-lib was found to contain malicious code. Source: ghsa-malware...
Malicious code in @google_recaptcha/js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd0346120a6f0d866aebe59ca9ae06c02e28849fc3840a412edcc81a2ab54ded The package @googlerecaptcha/js was found to contain malicious code. Source: ghsa-malware...
Malicious code in supply_chain_dummy_test_4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44714fb556ca073c6056617d8f13043c9fc07b19dd6b1c6599b62dc183c87a45 The package supplychaindummytest4 was found to contain malicious code. Source: ghsa-malware...
Malicious code in supply_chain_dummy_test_2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed3f5fef388376bf388c291f40ce96d8431d31f38fb29b6f69b6543408d9ef2f The package supplychaindummytest2 was found to contain malicious code. Source: ghsa-malware...
Malicious code in supply_chain_dummy_test_3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1963b5503ceeb0e8ed806c386f27edc1761eab24549419a8911a00f525b4a4c The package supplychaindummytest3 was found to contain malicious code. Source: ghsa-malware...
Malicious code in supply_chain_dummy_test_1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 427c02751dbaf2ec96a9818919ef225ce09a1017b33a494163746cce09acbad2 The package supplychaindummytest1 was found to contain malicious code. Source: ghsa-malware...
Malicious code in dotjsenv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199e0e242516cf235f3d4f4d7b7921f7b52573e674bd76da515939782a81c153 The package dotjsenv was found to contain malicious code. Source: ghsa-malware b4dd239728dde802ec7a7aadd85d2a9f1c5c3e8b83e5f19b92a2afab16d1cd1c Any...
Malicious code in start-log-backend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 209207b530cc6132d223aef076b74b150c66f7ccdfb2672191a14dee02307daa The package start-log-backend was found to contain malicious code. Source: ghsa-malware...
Malicious code in qxytest1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0505d10da1308ac438dd0f500c125f12d4256deda46cca7991289eee22897d53 The package qxytest1 was found to contain malicious code. Source: ghsa-malware a5c4713032b22949ba57f3363cbced03d097646105ff09ef45dec3b09d552cae Any...
Malicious code in start-log-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea5bc70fc220a38dd997887f438e9a6d5afb70cf1d30dd8b95a664e013a7309e The package start-log-plugin was found to contain malicious code. Source: ghsa-malware 3ef7e02e352e8d339add82817454f490a0e4588fffb1dcafa53cc0136f4e9d...
Malicious code in trial-guard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16f74d3903fd133c053441c95d9b7a755cbaf7c69050b9a883a2162e3e7b0dfc The package trial-guard was found to contain malicious code. Source: ghsa-malware 3106ed572562306cb0caa1d2219da59b90053db9127323b84442fa2c119d4c05 An...
Malicious code in qxytest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce8a49d4366751e26ed3fc66c1a478073c6d45eb5c8b92975a4827491e8ab108 The package qxytest was found to contain malicious code. Source: ghsa-malware f6079d7fcf20fd88c7195d9f4b2e7f2fcde1e43e6783075abae2b7450da08cfe Any...
Malicious code in chai-max (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bf9b30832b678dc77fdae0e722638e2a3ff7ba5cf07b09960233418192dd073 The package chai-max was found to contain malicious code. Source: ghsa-malware a6e46cc56f071a0c9f8afeaa19cf981997f743503c55a5e155fd1c99bf53d3a4 Any...
Malicious code in chai-async-chains (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dfd7db9210fae054def8abcb6989e1158a4774dbec18c08ac6eebcbf95ef753 The package chai-async-chains was found to contain malicious code. Source: ghsa-malware...
Malicious code in excluder-mcp-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44e8a4074afa107f60ef1b93a1b5ad90b034338e5d94eed6d5b1e27fa583b96e The package excluder-mcp-package was found to contain malicious code. Source: ghsa-malware...
Malicious code in excluder-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fbd667834f24295390990aca17b0c31962c9bb73f4db2d623c731d5bea052ca The package excluder-mcp was found to contain malicious code. Source: ghsa-malware 442683f846ae1a5ed8b7212f648fa722d3fc7f0e82af81258c74731d441e7b30 A...
Malicious code in rpc-validate (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6c08295788ac997e7566fad616096d89ea31e26771abbd32fb6d42f199875f2 The package rpc-validate was found to contain malicious code. Source: ghsa-malware 95f6f8651242afb77a3d28835bf912aacbfc4e3abbc3da2313fb6c3bd0c12ed1 A...
Malicious code in lotusbail (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15f2dbbd6b5a88d7702bb519fe20f7f45ab5c4cf430900ca16912d055a6e2f3b The package lotusbail was found to contain malicious code. Source: ghsa-malware 9a89a3feaf56d39c9a953fb5de2e0f4ae6176dce75ee9d95baddc8ef83e59b91 Any...
Malicious code in @aa-techops-ui/ping-authentication (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d523ddbefc7a817d1b6a431d5f9d0aca24fecc12ef57ce37915df0a88af3f132 The package @aa-techops-ui/ping-authentication was found to contain malicious code. Source: ghsa-malware...
Malicious code in chai-tests-await (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e06b5ce760a0d0c13a10c5738f8e32b1b4a973261792b91f120017fa30e8352 The package chai-tests-await was found to contain malicious code. Source: ghsa-malware f36b7f537c61a8edb98af7f5d3c8fbc98d47dc0566ead08de39bab2fa58104...
Malicious code in dotenv-extend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b36b33fa03b9dafefe167d7891f649dc39ac77a18a67a25c44d0d647dd3518e9 The package dotenv-extend was found to contain malicious code. Source: ghsa-malware 7ef0bc2453e5610efd0011a08cecb1021a4d5a38aee276a269ad3185bb40925a...
Malicious code in huangmingming-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34b1eeb67a3d88661777e42783fdb91d2347376e8c6eae10588f559642d2bf53 The package huangmingming-demo was found to contain malicious code. Source: ghsa-malware...
Malicious code in streamixer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6f5d50225f8dd17a6c0a9e647d0a80d71926d7f823045d07d45861a2c1c3c41 The package streamixer was found to contain malicious code. Source: ghsa-malware 42a8a19c11260eb91e74995275ea815a4b32ec414471d02bee390b603ae81cdf Any...
Malicious code in verificator (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in u2f_client (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in stripe-server (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in test_gem_978483406ebb19126a2e8c001649a4eb (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in stripe-rubocop (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in sq-samsa (RubyGems)
--- -= Per source details. Do not edit below this line.=-...