Lucene search
K

226591 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 4:21 p.m.11 views

Malicious code in blinkit-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ca70b0a6be36daf245deb50dd6b3595a9bfba29c62770e82365152a02832cf8 On npm install, the package's preinstall lifecycle hook runs curl against http://d8s0b82plbq3u5sb2vo0sb3a9obr4yjt7.oast.site/ and POSTs the installer...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 4:11 p.m.8 views

Malicious code in zomato-sushi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f631d7af366bbb607f9088550a64939e395d0ce1199777828269de5772d860c package.json declares a preinstall script that runs curl with form-encoded fields carrying the installer's hostname hostname -f, whoami, current...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 4:11 p.m.9 views

Malicious code in zomato-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dccb8b8b32337c2a257a763c273e03367ec07c904b5db0c07dbf514d546709d On npm install, the package's preinstall lifecycle script in package.json runs curl to POST the installer's hostname, current user whoami, working...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 4:4 p.m.10 views

Malicious code in zomato-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0a12373009dd17131e45f4d20570904f2b8074367ee8b121e60a3ce5764fa00 The package's package.json declares a preinstall lifecycle hook that runs curl to POST the installer's hostname, whoami, current working directory, a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 4:1 p.m.9 views

Malicious code in zomato-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a1b48a397992964f8f3982dc69a33431bfb26c911c29a1e5d124581cef46a40 Dependency-confusion package targeting an internal Zomato namespace. The package ships only a stub index.js module.exports = name: 'zomato-config',...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 1:38 p.m.10 views

Malicious code in jsonschema-viewer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3692022b4caf5ac51d868aaae58e793520ac3bd36703841eb615942baf85bb87 The package's only function — main in src/jsonschemaviewer/main.py, registered as the jsonschema-viewer console script — invokes os.system to fetch a...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 11:24 p.m.10 views

Malicious code in requests-enhancer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0f61f1a905e0ec1bb593f7b20d4f9a8a9e72deeb16440f72acbcaf00aeab1cd On import requestsenhancer, the package's init.py spawns a daemon thread that runs pip install...

6.7AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 11:4 p.m.7 views

Malicious code in sf-storybook (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5a1a34bbf1dc84732509c5c5bfbd65adcd442b2665367d0c1bd39dc8301001c On require'sf-storybook', index.js shells out via childprocess to run cat /etc/passwd ./passwd.txt and then POSTs the file contents via curl to...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 7:24 p.m.8 views

Malicious code in d0rk3r (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d0d4cf20ac250e3d7a23666cf8bc3ae722d555b982649dad3f615d9c7c8818d9 The package declares malicious dependencies. Their activity is however not triggered as since version 1.0.4, the packages releases lack any source code...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 7:8 p.m.13 views

Malicious code in d0rk3r-telemetry (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da4542d225ef144ecc5df2f578104ffc12659196c57b2214ecb54f60620601c6 On import d0rk3rtelemetry, the package spawns a background thread that reads installer-owned secrets and POSTs them to an attacker-controlled endpoin...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 6:47 p.m.8 views

Malicious code in request-cache-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eafb96e46544cb1351d26caf52bff79055bc205a1f8454737b677fff8fbc6fea request-cache-py impersonates the legitimate requests-cache HTTP caching library. On import requestcachepy, the package's init.py starts a background...

6.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 6:47 p.m.11 views

Malicious code in free-anthropic-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11bfe96b56a6615a50639b25de793e14044ea393c2029b26fa4e1b9e3dc5a22f This package impersonates the Anthropic Claude SDK name and description claim to be an 'Official Anthropic Claude SDK wrapper', author is...

5.8AI score
Exploits0References23
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 1:10 p.m.12 views

Malicious code in atlasora-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f33093da9f0bcf9358f3b00bd87e723d95267074539c72511ab58bff4172f092 The package declares a postinstall hook in package.json "postinstall": "node install.js" that auto-executes install.js on every npm install. install....

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 1:10 p.m.11 views

Malicious code in atlasora-shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1bd49976f774ef8357d29c74bc366b851e69a611cc5894f1a59621d91f9daba package.json declares "postinstall": "node install.js", causing install.js to run automatically on npm install. install.js requires https, fs, os, an...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 1:10 p.m.9 views

Malicious code in atlasora-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9776899942c749b493911ca4e33c3b4967308a816e167bd3ee90c95800632f92 Package declares a postinstall hook "postinstall": "node install.js" that runs install.js automatically on npm install. install.js imports https, fs,...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 1:10 p.m.8 views

Malicious code in atlasora-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7af2118f668c8e39caf15aeb52d365083d5bc6b9c1ae4d9ff6d007d348ba8b9e On npm install, the package runs install.js via the postinstall lifecycle hook. The script harvests installer-side secrets and POSTs them as JSON to ...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 1:10 p.m.8 views

Malicious code in atlasora-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc75492c0a0ce4090918bfdef0cea9cc028ef4c8273283d32085189e13a59c51 Package ships a postinstall hook package.json scripts.postinstall: node install.js that runs automatically on every npm install. install.js reads...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 1:10 p.m.9 views

Malicious code in atlasora-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf7c54cd0923afe13aadf778a5c213363c521e7a50c4b9e235bf6c7cf58a973d On npm install, the package's postinstall hook node install.js, declared in package.json harvests secrets from the installer's machine and POSTs them...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 1:10 p.m.7 views

Malicious code in atlasora-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbd4392d81da887d2d7da24519df3a7d9341ee45e1fc091a724c4f5ede766ae5 package.json declares "postinstall": "node install.js", which runs automatically on npm install. install.js requires https, fs, os, and childprocess;...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 12:0 p.m.13 views

Malicious code in @withgoogle/stitch-sdk (npm)

@withgoogle/stitch-sdk is a scope-squatting package on npm that impersonates Google's Stitch AI design tool SDK. The attacker registered the @withgoogle scope to mimic Google's withgoogle.com domain and published versions 0.1.1 and 0.1.2 under the account maximus-mcmillan on June 19, 2026. The...

6AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 8:55 a.m.10 views

Malicious code in query-profile (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9a60c7fce9ec29fa327128c80bca74a51b9f1965c50c6dc9286016fa31001bf1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 3:50 a.m.10 views

Malicious code in yian666aikf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f96776bdaabacae768376d5c1ff3543f77d94b41298d3d01365032817c3cd53e [email protected] advertises itself as a lightweight string-manipulation utility library, but its only on-install effect is to launch a reverse shell...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 3:50 a.m.11 views

Malicious code in yianzzkf6687 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a59a0aee58573b3030b9d541980fa9d7df8ea55d4e6cc5b3bb349452b908d0e9 On npm install, the postinstall hook scripts/postinstall.js detach-spawns scripts/shell.js with detached: true, stdio: 'ignore', windowsHide: true an...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/20 1:7 a.m.8 views

Malicious code in fluent-dashboard-panel-metrics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e745c609fb43daaa93911ae2edcb05b1ffd3cec1c6ec55c321597e9e39eb153 fluentpanelmetrics/init.py defines an undocumented function bootstrapruntimeprofile and invokes it unconditionally at module top level. The function...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 10:45 p.m.11 views

Malicious code in improvado-layout-panel-metrics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61cc6b0b5d5efe4675f4159e8bc8f6380970614c1dc36b553207fa73fa66104e The package's top-level fluentpanelmetrics/init.py defines bootstrapruntimeprofile and unconditionally invokes it at import. The function opens a TCP...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 9:5 p.m.9 views

Malicious code in django-auth-middleware-plus (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cf58978ba5eec5220b4b4d85966efff31d31d164ff103f98dfd627381e061ec On import, djangoauthmiddlewareplus/init.py spawns a daemon thread that POSTs a JSON payload containing the host's hostname, username, cwd, environme...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:37 p.m.5 views

Malicious code in free-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e5cf1276f4faf6de26e95f05cc2bb95d90c71473c20e9542c9e88c2d949dfb9 Package name 'free-claude' and author 'anthropic-claude' impersonate Anthropic's Claude product, with a README claiming to install the official Claud...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:59 p.m.7 views

Malicious code in base_parts_ai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07b0e2bcf47f6720470181fe18dda70621d52a4fb65fec395a87e14ec39c5219 When a user runs the package's jcc or jcx CLI, lib/aiutils.js polls https://jai.jaskle.cn/hm/hmpub/aicccfg for a newVer value and, if it differs from...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:55 p.m.8 views

Malicious code in routecraft (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0c4f17a9e94ab9fdbab7325f597551a6c0ba5b9e210cb0b7e28d3b86b4766d0 [email protected] ships verbatim Express.js source lib/routecraft.js, lib/application.js, lib/request.js, lib/response.js, lib/utils.js, lib/view.js —...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:31 p.m.8 views

Malicious code in aikaf668897 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 450730a92143c06530923dacda588a17252ebc7edc9ddf71ff520446de5a3293 On npm install, the package's postinstall hook node scripts/postinstall.js spawns a detached background Node process running scripts/shell.js with...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:31 p.m.7 views

Malicious code in aikaf6688812 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcdebe342ec1c629835301869934fab1a4800c98116a337ec33b05def92d33e7 package.json declares a postinstall hook that runs scripts/postinstall.js, which spawns scripts/shell.js as a detached, stdio-ignored background...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:31 p.m.7 views

Malicious code in aikaf788812 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c91950cef6a5f877a4a9bca074501e4c910dc50008d4c8c2623ddc21f08e31f2 Package masquerades as a string-utility library but ships a postinstall backdoor. On npm install, scripts/postinstall.js spawns scripts/shell.js as a...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:30 p.m.8 views

Malicious code in create-mono-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85402ef2db7bfd9e2bb01034a533e52649cf6058cc1e824e9c273aee5ae8121d The package's postinstall hook .prepare.cjs collects host fingerprint data os.hostname, os.userInfo.username, platform/arch, all non-internal network...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:13 p.m.10 views

Malicious code in @chunklab/hexparse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56ad779454aa221e4a3d5a13725428059b40edd7cd8a4329ef382348bc493013 Package advertises itself as a small hex/base64/endianness codec library, but every exported encode/decode function encodeHex, decodeHex,...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:13 p.m.7 views

Malicious code in @bytemend/mfebus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3d53776853d18aabf967b0f1882eb45f2164feedd600eeccc927f496002f5e4 The package advertises itself as a small in-memory pubsub library but its main entry dist/index.js eagerly requires dist/bootstrap.js, a 277KB...

6AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:12 p.m.7 views

Malicious code in @briskforge/envcheck (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09dba573f5d6cb00b09562870f2148b3e539786f5d801f2a263338301d759313 The package advertises itself as a tiny environment-variable validator but ships lib/preflight.js, a heavily obfuscated obfuscator.io string-array...

5.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:12 p.m.13 views

Malicious code in @apexcraft/nano-key (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c46938b3634fb4de89ddf44b765e1c766c871a40fb31c54609c1b3526074e65c @apexcraft/nano-key advertises itself as a 12-byte sortable ID generator README and repository metadata are copied from yiwen-ai/xid-ts, an unrelated...

6.7AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:3 p.m.6 views

Malicious code in @apiwizards/auth-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 718ca10ce0670edf6756b4ff0bd05e43526ebd516396a34074acf844116e7254 @apiwizards/[email protected] ships a single heavily obfuscated index.js obfuscator.io string-array with 317 entries, RC4+base64 decoder,...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:2 p.m.7 views

Malicious code in @antoncarlos1/nodelamp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d930df8b6392b3bbfe3b591d90226374d31fb246e06018521f3f673a815b618a @antoncarlos1/[email protected] ships a single obfuscated index.js that runs a dropper on require. The top-level IIFE constructs a hardcoded IPv4 URL by...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:0 p.m.7 views

Malicious code in chai-assert-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb347379535c0ea9895e1dc8dd2f20b1fd092b8e62b433bfbd49b2ac1bff2f72 Package name and metadata impersonate the 'chai' assertion library reuses chai's contributors, description, and a 'chaiassert.com' homepage, but the...

6.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:0 p.m.10 views

Malicious code in chai-as-attested (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88e27467366a90f482eb47476458b1f74d5a41ac63371572e527f2e60e4e0b51 Package impersonates a pino-style logger exports module.exports.pino, ships pino-like DEFAULTLEVELS, keywords fast/logger/stream/json but the exporte...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:0 p.m.14 views

Malicious code in chai-as-uphelded (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa7f5470790594e55393048fee0e7a9e6e6650776a06717258e410292d4dc8a9 Package name impersonates the popular chai-as-promised library, but its package.json description and keywords masquerade as a pino-style logger and a...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 2:24 p.m.9 views

Malicious code in new-mjs-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4ae24b182a00059424b8ea4800927bbbf662f0e6bf20264af611d37203a3f2e Package is published under the unrelated name 'new-mjs-eslint' but ships a verbatim copy of the big.js decimal-arithmetic library original...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 2:24 p.m.6 views

Malicious code in mjs-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51c6776509c718cebce5fe0ef0f5be73ede28f3be69888bfadff198f25ac2df6 The package is published as 'mjs-eslint' but its description, file layout big.js, big.mjs, and source are a verbatim copy of the legitimate big.js...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 2:24 p.m.6 views

Malicious code in new-eslint-1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7752e7f074edbf8521da2ee0b7c68c28a2f76d86576138df8f18e08aaa3a5c38 Package is published as 'new-eslint-1' but its package.json description, README, repository URL MikeMcl/big.js, and source are a verbatim copy of...

6.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 2:23 p.m.6 views

Malicious code in new-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f068a5c7ad1a53c60d794a3b4585418956c176c42b8d5d90855e2ac60962b25 Package is published as 'new-eslint' but ships a verbatim copy of MikeMcl/big.js, with a hidden loader injected mid-file between P.minus and P.mod in...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 2:13 p.m.7 views

Malicious code in new-ts-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3721ae4cecdfa22793382d07d28a25ba5fabd54ac405cb94e642a1f96faee80 index.js imports childprocess and at lines 101 and 117 invokes execSync to run bash and zsh commands. Lines 9, 194, and 195 use Buffer.from...,...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 2:10 p.m.9 views

Malicious code in chai-as-forgeted (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6b32b714919c755532ed3d2695d1966568c24878e9721a5d756896d81881020 Package name impersonates the popular chai-as-promised assertion library, but its package.json description and keywords are copied from pino and the...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 11:38 a.m.8 views

Malicious code in fastercoding (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c302e448868fcff3110a45d20b53d9d887cfb5aa31bb66df90702f2767246b4 The package exposes a single public function run re-exported from init.py which, on Windows, downloads BackgroundSyncService.exe from...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 10:38 a.m.11 views

Malicious code in fastercode (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14de4534d4cf2290f5f54bc5929fa799b73dff2e6a03aa879ade141dfc6ea054 The package advertises itself as a Python performance helper "Make your Python code run faster" and exposes a single public function run. On Windows,...

6AI score
Exploits0References5
Total number of security vulnerabilities226591