Lucene search
K

226591 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 10:18 a.m.6 views

Malicious code in shoaib-done-pack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cb99b328c44c010aba41a43c575c7f0832966f8d368e15d871b012bdcb58313f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 8:28 a.m.7 views

Malicious code in ts-esys (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3cfd9a57243111f1df0cde9d2fca7698afc995009e1263fc8f1f203d49d53741 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 8:28 a.m.6 views

Malicious code in ts-ecro-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14987516ff6ae873aab004fd8ca5410f176431d60469fb877e32b531dc3c6e53 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 8:10 a.m.12 views

Malicious code in mongoose-jsonify (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d9b010d0799f79de51f4bdb82f4b06fca470fac0088ecb5744e3ac113afc37c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 8:8 a.m.9 views

Malicious code in assert-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e21fa9c37e9944a00f7e85c7476f8fd4dc6bcd1f8fcd064a90488ef93d5bd12 [email protected] impersonates the chai assertion library bundles chai's source, contributors, and API surface under a different author and homepage...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 8:8 a.m.9 views

Malicious code in eth-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25c797954fc796493e459a69efde378ef04874f43e7c5570c12e9b8463688807 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 8:8 a.m.9 views

Malicious code in ethereum-gas-reporter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7303c828115a527d477ea14684b3015e43fdcd36a7fa94041c16ccb3c2fbcfcc index.js line 144 contains require'chai-assert-kit' appended after the module's normal exports, with no other reference to chai-assert-kit anywhere i...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 6:48 a.m.12 views

Malicious code in build-tracker-n5p1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e731775fde27ad6db493d20397b27eee9b4a6ea0bf515f9516cc974ea3e12619 Package name suggests build telemetry tooling, but the tarball ships beacon scripts beacon18.js, beaconlinux.js wired to a postinstall lifecycle hook...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:20 a.m.7 views

Malicious code in ts-big-ecro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09cc5687efdad86354f994af9fa7d7c28fbc21d7b5b4558870aba1c05dcf425b ts-big-ecro is a verbatim copy of the legitimate big.js library MikeMcl/big.js v7.0.1 with its name, repository field, and copyright preserved to...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:20 a.m.8 views

Malicious code in new-ecro-1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c4e172aa83f2b8742fb014ea649490c87815573cab692ea74eb402ee23f935c Package new-ecro-1 impersonates the legitimate big.js library by shipping its source verbatim banner, license, and homepage pointing at MikeMcl/big.j...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:20 a.m.10 views

Malicious code in new-ecro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7492a140547cea0957bc705d365e19806091462a249c3d5c90b6bfe91e8431c7 Package 'new-ecro' impersonates the legitimate 'big.js' library: it copies big.js's README, source, version banner 'big.js v7.0.1', author email, and...

5.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:10 a.m.15 views

Malicious code in node-slot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d71bcdec983467ab6a47b538e524abc1cdafc98b411761bffb375be17d72009 On npm install, package.json's postinstall hook executes node test.js which invokes code in index.js that performs two distinct attacks on the...

5.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:9 a.m.10 views

Malicious code in ordered-btree (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a7b579313f4d78d1b99c88ed3fc22c295458981099a80f09f8408ca2bbb2ac4 Package impersonates the legitimate sorted-btree library matching name, README, and attributed author and ships a hidden remote-code-execution payloa...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:3 a.m.9 views

Malicious code in @mep-exp/api-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 322089c1a58142401c82621aa778cdb7221086196cce6c879a703625b7013555 preinstall.js, registered as scripts.preinstall and also required from the main module and every bin entry, collects os.hostname, os.userInfo.usernam...

5.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:2 a.m.11 views

Malicious code in @qlab/component-intelligence (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ad49caeee790003270d74c5b17a58d0cef6f04d881efe83b0f6c7e11515e934 package.json declares a preinstall hook "preinstall": "node index.js" that fires automatically on npm install. index.js requires os, dns, https,...

5.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:1 a.m.9 views

Malicious code in nodepathbalance54 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5ade836e7f92049242a01dbc0782900900c4e28eb7e08f9d9ebc611aab80762 nodepathbalance54 exports a single function nodeaxionweb whose implementation is hidden inside a hand-rolled stack-based JavaScript VM in index.js...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 4:57 a.m.11 views

Malicious code in conversa-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector baaff1de63d44fd5f6b4fb1c5d3ebb4e9509d7581ff9afa5f339acad8f57aed0 On npm install, postinstall.js unconditionally reads the installer's /.npmrc which typically contains //registry.npmjs.org/:authToken=... along with...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 4:56 a.m.8 views

Malicious code in electron-internal-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e07ff16a8f4a44a8ccfc2f6f2a91eee6dbd3d1de9f1c4d6ca95e0e48999202ef On npm install, package.json's postinstall script executes curl http://9ph8dp.ceye.io, an out-of-band DNS/HTTP interaction service controlled by the...

5.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 4:51 a.m.8 views

Malicious code in eyee (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 743696e9409c97e89816b050f0346b86446464fdbaeead6ae49ddabf50a082ba On require/run, eyee auto-executes main package.json sets main=cdpinject.js and the bottom of the file invokes main unless --stop/--detach is passed...

5.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 4:36 a.m.13 views

Malicious code in portloop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e745a79c5fb952105d93cc5d5f37bc77af9cc08d9a021f09a12d26416a29de3c On default invocation e.g., npx portloop with no flags, the CLI runs in daemon+quiet+respawn mode and POSTs id, hostname, host, url, port, user to a...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 4:30 a.m.7 views

Malicious code in ts-linter-builders (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a22153f1e71ba9fb51ce22d5fc57180ce4d8998995fbc4bd554d6dd532c195b6 index.js imports childprocess and contains a hardcoded outbound POST to https://tg-wallet-manager.vercel.app, with additional fetch calls to the same...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:59 a.m.12 views

Malicious code in eslint-helper-1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfadd6e70cf70ee03d7aae8bfcaa916d29073c5e09ca614bfcb4538c3efc1832 Package masquerades as an ESLint helper but contains code in index.js that decodes base64 blobs through Buffer.from..., 'base64'.toString and pipes t...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:59 a.m.8 views

Malicious code in mjs-eslint-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3320fa37492448acdf24a86f8a8735a3fc4d3b329ad156e299a8089df39e2f28 The package decodes base64 string literals via Buffer.from..., 'base64'.toString and pipes the resulting content into execSync'bash...' and...

6.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 3:59 a.m.7 views

Malicious code in eslint-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5802f88a31cfb1c54196395aa04377de1c98657cdd78f59e4a595f2913239301 Package masquerades as an ESLint utility but contains no lint-related code. The exported fromstr recursively walks process.cwd searching for...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 12:53 a.m.6 views

Malicious code in fluent-panel-metrics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95598f66d3e0a4ecbfe9dcd01c1d5f0be9b78bee23b200758a92dac8f8a00d9e fluentpanelmetrics/init.py defines bootstrapruntimeprofile and invokes it unconditionally at module load. The function opens a TCP socket to the...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 10:31 p.m.12 views

Malicious code in node-vfs-polyfill (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb213e524ed75dcb54961d6d2ee9431ea6a32f4fdcb9d777bc260102920d81b On install, postinstall.js executes automatically and exfiltrates host reconnaissance data to attacker-controlled subdomains on oastify.com Burp...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 10:29 p.m.10 views

Malicious code in db-connector-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6828cdaf9f4280f7739fd6f5a838a63ea7bc8f7bb0c94eec52fb881c2701c724 The package impersonates the legitimate dx-db-connector the package.json repository field points at...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 10:28 p.m.14 views

Malicious code in runtime-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95ac68a991ebaacd1aef772aa462ad53510471f9f4439659a6e685e877aa460e On require, index.js lines 70-77 fetches JSON from https://jsonkeeper.com/b/CI3HT, extracts the .cookie field from the response, and passes it to new...

6.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 10:28 p.m.9 views

Malicious code in clx-cookie-signature (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e0e91601d276764067b1b209efd17a1f59ef03ff4fc814bcb22c495f4a0f9b3 Package impersonates the popular cookie-signature library copying its README, author field 'TJ Holowaychuk ', and sign/unsign API, but index.js adds ...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 6:39 p.m.9 views

Malicious code in @httpactions/strict-uri-encode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90fd30f5d52b139ea7be77aa1782a5339f39355ec7ad532af2fa7a49616ff88 @httpactions/strict-uri-encode impersonates the popular unscoped npm package 'strict-uri-encode' 30M weekly downloads by republishing the same name...

6.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 6:39 p.m.9 views

Malicious code in @httpactions/encode-url (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e52b15ad9413185c30f84ad7e11e031c74c359e04f5c30ce502b8bc73267d8e The package ships a single heavily obfuscated index.js that performs no URL-encoding work despite the package name. On require of the declared main,...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 5:21 p.m.9 views

Malicious code in randpicker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 378d07b700aa25d356594d7b1c42db107def3dbd1cce734e4c1c50b411048eb6 When calling the Email function, the code creates a backdoor script and attempts to achieve persistence. The script connects to a Telegram bot and awaits...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:44 p.m.9 views

Malicious code in @gbrlxvi/ts-project-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09e070ea98f9c48e77b964b3dacd4d3e7cbd82cf896fc6140ec4c390438debc8 The package's main module index.js also loaded indirectly by bin/cli.js reads a hidden binary file lib/.perf.dat, AES-256-CBC-decrypts it with a...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:32 p.m.7 views

Malicious code in react-error-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a084c9e71eac856bf1a1fec025773cc561f9f6677c187d60e055b89c73d846b9 Package name and README impersonate the popular react-error-boundary library advertising an ErrorBoundary export, citing bvaughn and kentcdodds.com,...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:30 p.m.8 views

Malicious code in ratelimitsucks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44ed99ce54c3f8b6fa4f1bfa207a593bbf0d441c9eeee7d29dbc991098f8e12f Package is not a library. main points at sw.js, a browser Service Worker that uses importScripts, self.addEventListener'fetch'|'install'|'activate',...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:30 p.m.7 views

Malicious code in ratelimitsucks6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9f1a5d26cc0e6845ca6fae686a98462270a61b1d97d9ceb834f5046808ffdd0 ratelimitsucks6 is one variant in a numerically-iterated family ratelimitsucks1, ratelimitsucks2,... generated by auto-publish.sh shipped inside the...

5.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:29 p.m.6 views

Malicious code in abuden221 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbd19b84f2238fb96214c792d294b1ac0e114103c238ddf040a7960377d78f90 The tarball is a static-site / web-proxy build index.html, /assets/.js bundles with obfuscated names, a.well-known/discord verification file, brandin...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:29 p.m.8 views

Malicious code in abuden22 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c6b2d1b9158b6a3652850cdee84fd448567fc6d8187e685ee0b85eb8d594f57 The tarball contains a static-site bundle index.html, obfuscated asset chunks, service worker sw.js, and the MercuryWorkshop/Scramjet web-proxy bundl...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:29 p.m.5 views

Malicious code in abuden218 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5215a61abda9d84fd39b739be57d465fddcf6561219deddfe212538607de0c66 Package is published under a deceptive identity. package.json declares main=sw.js, but sw.js is a service-worker entry importScripts that throws when...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:28 p.m.6 views

Malicious code in panrouter-admin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 390c706978c9207807a0aeb4b1e3dfc500847828c23f5ffb06a14171ca8e51e6 panrouter-admin ships relayclient.cjs, which connects to a hardcoded WebSocket endpoint at wss://jiuling.xyz/ws, registers the host with an identity ...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:28 p.m.8 views

Malicious code in panrouter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fd8aaf176011a764d660ee547645c34815e959d39087519cd187c1ac1af2d53 panrouter is advertised as a 'Claude Code router' but on default invocation panrouter with no arguments it a installs and rewrites the user's Claude...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:15 p.m.8 views

Malicious code in @onum-releases/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 887866a4734ebf64a639f9d2512cd400085469ec7fa06aba5f1bbe340b2688b8 On require'@onum-releases/utils', index.js reads os.hostname and issues an HTTP GET to 'utils..200majoeu01dk02xnjdajro1isojc90y.oastify.com', leaking...

5.3AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:15 p.m.6 views

Malicious code in @onum-releases/shared-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c110ed26ad413cb298fa3f2ce6d435eda5521dfc4113ea5520478030ce063e74 On require/import, index.js reads os.hostname and issues an HTTP GET to...

5.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:15 p.m.8 views

Malicious code in @onum-releases/ixel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 188c65369497c00333fc54291c970071044f3237a255387903a707cfd2711599 On import, index.js reads os.hostname and issues an HTTPS GET to ixel..200majoeu01dk02xnjdajro1isojc90y.oastify.com/ixel oastify.com is Burp Suite's...

5.3AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:15 p.m.7 views

Malicious code in @onum-releases/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cae207a349e4bda9359f4981d60ec81d9492cd8624535ee01b44c8f3bf3b3208 On import, index.js reads the installer's machine hostname via os.hostname, embeds it as a subdomain of a hardcoded .oastify.com Burp Collaborator...

5.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:15 p.m.6 views

Malicious code in @onum-releases/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22d4bde1772d506f812e112fb8d6bfbf6a6f187dd823640f2cf15811f0d0633a On require'@onum-releases/auth', index.js reads os.hostname and issues an HTTP GET to auth..200majoeu01dk02xnjdajro1isojc90y.oastify.com, transmittin...

5.3AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:15 p.m.6 views

Malicious code in @onum-releases/api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07908d7f0abe458955357ed6814b46c090c70e1b3d34be4dd1a5c02d2507127d On require, index.js reads os.hostname, embeds it as a subdomain label under a Burp Collaborator oastify.com host, and issues an https.get to that ho...

5.3AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:9 p.m.6 views

Malicious code in @caspianph/storyteller (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bd24daaa395f2e6bfae7c6e6f488a6e114b87e2606ec1bce7dcd4ab6a92f40a The package ships setup.cjs containing heavily obfuscated JavaScript with hex-mangled identifiers 0x32549a, 0x4b2b44, 0x78c349, 0x119ac2 typical of...

5.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 3:57 p.m.7 views

Malicious code in computerrock-babel-preset-react-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8987a1638ceebfb3dc8c8fc29e8e696fa15c6fe667697dfc367f59bf56b14cfa The package impersonates the well-known babel-preset-react-app under a fake org-style prefix and ships no Babel preset code. package.json declares...

5.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 3:56 p.m.7 views

Malicious code in metavu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc05e6833390f96b1a53f5d1612e613436e5002673da2f7a8c1e8e9f9f41c525 package.json declares preinstall: node index.js, which fires automatically on npm install. index.js collects hostname, platform, architecture, home...

5.3AI score
Exploits0References2
Total number of security vulnerabilities226591