Malicious code in elf-stats-sugarplum-mitten-141 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abe2b5ed5ab130378db923b0c43eeb9e041a1dcc51641d1fbdbc2463e69da21a The package elf-stats-sugarplum-mitten-141 was found to contain malicious code. Source: ghsa-malware...

Malicious code in fadafas3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16f81b34db67e90a673703108039c5943f614e1a8200df3fb04eb6677ee95f15 The package fadafas3 was found to contain malicious code. Source: ghsa-malware 27efb5c05f9bd8cab5dd8d9a89240e7e1f353ecc21639fec01a91ebd8461cd61 Any...

Malicious code in libxmlfinal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b00664d7d8c2cad969c4ae81a3e41100c2d896bb0fc1eccde422b4c676e9bf9c The package libxmlfinal was found to contain malicious code...

Malicious code in libxmlfinal3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c33a3cb237b9fefddf247fc73f80707be2197c34585f7bccee85ba3341ef600b The package libxmlfinal3 was found to contain malicious code...

Malicious code in libxmlfinal5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e75640235a927670445888fa0c679048cdc7ebe626bc9e046817570b83669cc3 The package libxmlfinal5 was found to contain malicious code...

Malicious code in libxmljs10 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53b4c7fe3473ba684c279007dc4c169dd12bbec2156cdbd464551e7c313d2ede The package libxmljs10 was found to contain malicious code...

Malicious code in libxmljsololo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c92b90964b44e6eda4be3d2f55170a5df6b432079ddf3cdbf64df064796c23c The package libxmljsololo was found to contain malicious code...

Malicious code in libxmljsololo3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5d1f93ba15e7b1dea2fd731f26d04e13c7ff43da48e5ec7921dfd34cb94879a The package libxmljsololo3 was found to contain malicious code...

Malicious code in libxmljsololo4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68adb1bbfa456e34601b15a0cc297764102d61bad2b3539927d55757a75dc67d The package libxmljsololo4 was found to contain malicious code...

Malicious code in libxmlpupupu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6137dbf72252f12fd82d8b02ae9d8270288badd33f0e5324b78e1be1b349180a The package libxmlpupupu was found to contain malicious code...

Malicious code in ofjaaah12 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da6b0fa4bde75a4ba12c7441a5c2f6e600058fbf3a13a4bada1e38270188185f The package ofjaaah12 was found to contain malicious code. Source: ghsa-malware 3782562ce78986e3e33a8ed547f3b8ff2223f9ada61ed387b46756fee19278aa Any...

Malicious code in tnaparserxml (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84120b8e19b2fbf45ddeda27ec954c8dbfa69b693e970c5da21857731bd41145 The package tnaparserxml was found to contain malicious code. Source: ghsa-malware f149b7f9c01e40bea34d250102cd9c4c1cce3579112c9a85373a225773cab7e3 A...

Malicious code in tnaxmlparserctf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5028d4ab741d3e7b9c3cb92e1275a1d29d1e6cd8157590f7871d02b8b2a5d23 The package tnaxmlparserctf was found to contain malicious code...

Malicious code in elf-stats-silvered-wishlist-243 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 642d01e2e6275f09f938d75b68be86115e96d93207d4540d29d36d1524a875a9 The package elf-stats-silvered-wishlist-243 was found to contain malicious code. Source: ghsa-malware...

Malicious code in elf-stats-jolly-hammer-980 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05c16f1e142ae07eff2432cd2dd468fc79a130457ae33336f4f0392ef191a564 The package elf-stats-jolly-hammer-980 was found to contain malicious code. Source: ghsa-malware...

Malicious code in elf-stats-snowy-toolkit-186 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e42a7ca12612653aaf7b01c778d65725cf59436f0da1a2e2c1ef371bd5296a23 The package elf-stats-snowy-toolkit-186 was found to contain malicious code. Source: ghsa-malware...

Malicious code in libxmljsololos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25e710261901e3db0a1f8ea9a5b78dcab045a74cf66b298c408d203c68b2c500 The package libxmljsololos was found to contain malicious code...

Malicious code in libxmlfinal4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d41a78ad1712a21fd085e3a8188b1e5522b8140cdc8b562d5ff933ceefe923f6 The package libxmlfinal4 was found to contain malicious code...

Malicious code in libxmlussr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d94a22bb719650fe5b9629ed1918677f55f3a0719b015bd7851920bd36fbb05 The package libxmlussr was found to contain malicious code...

Malicious code in gxzip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e0dd8700d5267b8d9bbe270798b11d2250761decf1de89249eab6d90a29080c During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

Malicious code in netbenchkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa328b263fd5f17449e326d05af9a5849a25d6c028d092e586097e95c4e1db59 Package imports and executes malicious synium package --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

Malicious code in synium (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 85fc917c33d970cb3365ff112f788b229638b757c32eaf99ba1054c8596298c1 During import, package exfiltrates specific global variables to a remote target in a way typical for infostealers --- Category: MALICIOUS - The campaign has...

Malicious code in jsonschema-utf8 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 61bf4fa82a7c398e580d547d641bc19e3b16ba446191da04f39dcf9cf9a41eab Package clones a popular package loguru, jsonschema, .... While it claims to have some additional features, the real change is an added compiled native library...

Malicious code in loguru-utf8 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e20933ac001bbe12fd7962f9e12208f3224c836f3deba7669a649165232e0b78 Package clones a popular package loguru, jsonschema, .... While it claims to have some additional features, the real change is an added compiled native library...

Malicious code in @cheqplease/structured-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f4111b892bba0089b3619c99cd5135fa3693d4a78c790a23017e359beff0cd8 The package @cheqplease/structured-logger was found to contain malicious code. Source: ghsa-malware...

Malicious code in mws-common-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c1ca345fe8bb8298e9adc0920dea67d420dd5c57f79004c058df12bc365f016 The package mws-common-ui was found to contain malicious code. Source: ghsa-malware 935da08d8dffad1e28679a7043038425705e76dff3808c50361e8a67d02c55f8...

Malicious code in ctosec-appsec-wb-xray-adapters (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 71bd5cbfd64c9f4eec926fb0345f7a31ed5a012dfcf6182a0a550c2d3ad93240 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in kzip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7a81e0fa699edbad810083efb9de4e22f5088c31c22fdf71f7e519269dc5ad01 During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

Malicious code in bigpyx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7a1bcd636394f1505534cf691576b00e8686aa14474e8a209c94f8213310b128 Continuation of the campaign with a slight different obfuscation of the malicious code, but there seems to be no difference in the behavior. The malicious code...

Malicious code in vue2-amis-custom-widget-pro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c676b8d3fdeb2773313404ba039b4e2162b5e516e6938db609188c352f319cc8 The package vue2-amis-custom-widget-pro was found to contain malicious code. Source: ghsa-malware...

Malicious code in yunxohang3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c2e673bf41f2c09d7193d10d854da05f9ca7460ff6ea0aa7f20c54637ec8be6 The package yunxohang3 was found to contain malicious code. Source: ghsa-malware 0900450d580a55eafca9c4f9d12f2d00bee5c44547a809c1bb9f919b328f6350 Any...

Malicious code in yunxoahng2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 590cb2c888056f49872da23301bfc59ab2eab0b221cd551f2074bdb586e765bc The package yunxoahng2 was found to contain malicious code. Source: ghsa-malware 0f8f5e6fad408a138d25de919d714b42202c0c57ad1b5d32200f17f4fe3e31af Any...

Malicious code in real-time-tweet-streamer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 692b2a444eb479ec815e98413b99cd6cb677cf8be77edef431d8acf9d6c9e5c5 The package real-time-tweet-streamer was found to contain malicious code. Source: ghsa-malware...

Malicious code in near-fast-auth-signer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85ca901df252a441f9253e1a56812e262f6c7282f53587866710310fa282394c The package near-fast-auth-signer was found to contain malicious code. Source: ghsa-malware...

Malicious code in vue2-amis-custom-widget123 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 027b467c811b36f60dc7589ccd8251ffc56de7f40345d6a471a3a550a2a8df7e The package vue2-amis-custom-widget123 was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in ddp-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b1ae70118a343c68fd301dbce7ef05fbdf587541f9d61bd1df8a5048578282a The package ddp-common was found to contain malicious code. Source: ghsa-malware afe6b2223d57e3d32fa4220c3a687d0b70fd8c0047fd4925d4b0e6766ce5420e Any...

Malicious code in allow-deny (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 512611dc9091a6cb708a796ffa1ff4047634ff63ee34231b092411ec45e57132 The package allow-deny was found to contain malicious code. Source: ghsa-malware eacee1962bd7ee456809cbd1fec30a8feb4fe397bf9e945ff4f42a8331cab117 Any...

Malicious code in callback-hook (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b89f8889dc19bc6058a5fbd01a2ff7d154ae3229f128981e84a24bdef3f4daf The package callback-hook was found to contain malicious code. Source: ghsa-malware 1364de9f464fd8aded92e338cbdd79f31c716643bb6fb136bca46a04939132f1...

Malicious code in facts-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fd985aa898a134a3edaeb33d9629378a215a674e8110bb88fbbdfce59c8883e The package facts-base was found to contain malicious code. Source: ghsa-malware 11ed9b0a6622d128df892c963646c0dd03c4a65ddd22b4ac0aebea5d9f4b0adc Any...

Malicious code in meteor-developer-oauth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 150affd8ab309ef6631d484dbd5f086a709aaf97cae168d6a0a8a966327c32f4 The package meteor-developer-oauth was found to contain malicious code. Source: ghsa-malware...

Malicious code in modules-runtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e707f153606cc933eafdfa4c883bf1092791f4fe0e80278d963dda8dd5291a46 The package modules-runtime was found to contain malicious code. Source: ghsa-malware e0c351f7e54009deb9f1a8fa206a6cc720b4a472a7b969018b50ae235fcac91...

Malicious code in mongo-decimal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d31ef468b36fa90f39d081db22602ad19c8c84bfa3416e3b471eebaaad2919bf The package mongo-decimal was found to contain malicious code. Source: ghsa-malware e32897d62825ec82598cd1de92099161013a0fc84c60add6ec1c9496320ab58d...

Malicious code in ecmascript-runtime-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2749802bf68a2c601d1c2e22b4a398e096fca7b10d248305df538e8364390259 The package ecmascript-runtime-client was found to contain malicious code. Source: ghsa-malware...

Malicious code in wasm-bindgen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3b2a3d6aa85e6e53ccd0463891b26156f77f3b75134166dbc68c14ec2c6bd2 The package wasm-bindgen was found to contain malicious code. Source: ghsa-malware a1de8824d178cfc9806b7413eeb3661781e7e278f0b877117bddb857bddb592b A...

Malicious code in confluent-kafka (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80f8f3691acc10147a767bd08facab31e59a8acfb8d38c89df1400e263cc6f8f The package confluent-kafka was found to contain malicious code. Source: ghsa-malware 135e8cf2cd5582b8ed8562c5f5ccfd1cf7265319ad340463b750b75e341858e...

Malicious code in datadog-checks-dependency-provider (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 965b1dfdded3e786f1691c392462534c6a7dc105aa989d08e68ff1b6c9f78bc7 The package datadog-checks-dependency-provider was found to contain malicious code. Source: ghsa-malware...

Malicious code in datadog-checks-downloader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26bc16bdf501ec221458349c8a28879a12b353a46c1126cc93d9f0ce3af9d793 The package datadog-checks-downloader was found to contain malicious code. Source: ghsa-malware...

Malicious code in pymongo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85496546788f3cab72ee1fdc5a520ccbd0b64a5a58cdd692f875ab537324c17d The package pymongo was found to contain malicious code. Source: ghsa-malware 09303fe46f98b771f0ffc2e904bd7d979c9b9339b205f41997bfe5435383f232 Any...

Malicious code in fastavro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8e01c7f0d2603f1d6cf541b7aa69c4bf9253ad1cd6b970a3337db957668a420 The package fastavro was found to contain malicious code. Source: ghsa-malware dfa83913e0a60ce0006e336f2f9f837aac0fa16d414d3c4c149562e19aed7474 Any...

Malicious code in sfdc-abstract-legend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a29f7f51ba229ced87dfa4e1c978407d9e716ba77115ad38601c49896e0584bb The package sfdc-abstract-legend was found to contain malicious code. Source: ghsa-malware...