Lucene search
K

226511 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago4 views

Malicious code in debugcli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dd4fa31ed29d493ac05d6ec17a90f51fe68008b674268e1751c4b25792703b8d The OpenSSF Package Analysis project identified 'debugcli' @ 4.3.9 npm as malicious. It is considered malicious because: - The package...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in typescript-util-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5f5a6bd9cf4dfc55c5c01859852cf26435e42d4b846384d08b80b7d609b27ad1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in ts-node-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 938793019b03ce033ae241aa80d0515a4d42d2580298f1d0fcf8627176e9b160 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago10 views

Malicious code in web-api-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ca2f8dce9e845346901818eadd06a0cda318c99ac3e059cd076d9f4065e2c17 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in api-ts-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 641c2e8873a175e838cb215cabf680efdb6514c526d920992781fd16201b3adb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in api-node-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9ac5b00d553b256f998ea13be45b7f41a939f85e3c272bf24fd91ad6747c6266 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in alder_morrgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96468d16380fb68b99823735be418b7393216e068ce91f6aa31f2e1305d9d4d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in @node-cloud/create (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 20ec89db74ea284a2817fd9ef23bc86cfdca225534dfa9a19adff462186a8910 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in @lodash-en/lodash-en (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ccf4c6fcb3eb02a4b990660b8a47961f0cd393915787990149de40ee1b201a0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago4 views

Malicious code in decode-sdks (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 645d703f4bbd5a7aedaa60a60b7d20af253d4da8efaf82cbac3520a8f21d67b6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in @jacobtan/decode-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a99e8b0d7812c216410fc0ff557698f61a595d4ded8579c18fab63ab3ac8b924 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in epic-internal-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8e96ac07cfb3a5132ff46542a6feca17f9b907b20596d713cd89063840ff2b47 The OpenSSF Package Analysis project identified 'epic-internal-tools' @ 99999.0.0 npm as malicious. It is considered malicious because: - The...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago8 views

Malicious code in horde-python-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ad72fe1fdc56e7fb5716a906fb8481bfe1e477d2f97c649d5db853a79130628a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in epic-build-scripts (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 93043b3f00a64c66fb0680256387471b656f222556c282c9cb1680347f14fae8 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in ue-python-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9494382fb3885f95987ec830f096aac6cde589cac9485b6a347bafed9a8a7e39 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in unreal-mladapter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b8b4f17043a9c57ea2087c59c771151186c117ab64cbf5c45df85df62469aa89 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in ue-automation-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 312f2d385743023503ed2c86bab1361eff17db32aa8a33d6d4da0015b3650095 The OpenSSF Package Analysis project identified 'ue-automation-scripts' @ 99999.0.0 npm as malicious. It is considered malicious because: - The...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in robomerge (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 55684448bbccf72279c32f468fcfcb8a65500ffd2fe3807aec3e34bfc381a773 The OpenSSF Package Analysis project identified 'robomerge' @ 99999.0.0 npm as malicious. It is considered malicious because: - The package...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago5 views

Malicious code in unreal-horde-dashboard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5e9b87fe74bfc9ebca4a6385b3038cd8a3b5d9907b02772377ed3383318578e4 The OpenSSF Package Analysis project identified 'unreal-horde-dashboard' @ 99999.0.0 npm as malicious. It is considered malicious because: - The...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago5 views

Malicious code in ue-jenkins-buildkite (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a67a3300cb2357e9661889459167d34c43be7925bd3d476d3a08588d9a907b59 The OpenSSF Package Analysis project identified 'ue-jenkins-buildkite' @ 99999.0.0 npm as malicious. It is considered malicious because: - The...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @checkrhq/adjudication-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dc8d5c39d401d053978bb8f17234bc79db730d15b55634319f239baf32dc9b0b The OpenSSF Package Analysis project identified '@checkrhq/adjudication-api-client' @ 0.0.2 npm as malicious. It is considered malicious because...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago7 views

Malicious code in dt-validator (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0fc0256380d811cdce05ffa9c3644a5f7e4ebd6f7acfce0f955935b42449b17a Code contains a function to execute remote code, which at the time of analysis was extracting the "authuser" table from Django DB. The remote code execution is...

6.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in tailwind-animates (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 976a38db77a7958d63f884cc2b09a6a7bf725deb719d632d7442e39503b43fb0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in db-convertor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 325a83367699f226bf706d6847891a07256202cb73998bc9866eb485132d2a2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @modhamanish/rn-mm-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c807ecdca1e37cf87858d2f1a8a53f187c8a3059dcf4b2a94acbc81fbf2c374a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/blenderdevtool (npm)

The @marketfront/blenderdevtool package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/fashiononboardingpopup (npm)

The @marketfront/fashiononboardingpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0...

6.3AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/footer (npm)

The @marketfront/footer package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/basemarkettemplate (npm)

The @marketfront/basemarkettemplate package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago3 views

Malicious code in @marketfront/captchaservice (npm)

The @marketfront/captchaservice package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago3 views

Malicious code in @marketfront/errorcounter (npm)

The @marketfront/errorcounter package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago3 views

Malicious code in @marketfront/actualordersnippetpopup (npm)

The @marketfront/actualordersnippetpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/bannerpopup (npm)

The @marketfront/bannerpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/baobabtech (npm)

The @marketfront/baobabtech package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/devtoolsloader (npm)

The @marketfront/devtoolsloader package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/navbar (npm)

The @marketfront/navbar package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/commonecommerce (npm)

The @marketfront/commonecommerce package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/mychatspreloader (npm)

The @marketfront/mychatspreloader package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and us...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/digitalherobannercarousel (npm)

The @marketfront/digitalherobannercarousel package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/gotoauthpopup (npm)

The @marketfront/gotoauthpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/header (npm)

The @marketfront/header package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.3AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/fingerprint (npm)

The @marketfront/fingerprint package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago3 views

Malicious code in @marketfront/dynamicpageparams (npm)

The @marketfront/dynamicpageparams package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and u...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago3 views

Malicious code in @marketfront/advertisingdevtool (npm)

The @marketfront/advertisingdevtool package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and...

6.3AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/changefilter (npm)

The @marketfront/changefilter package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/livestreampreviewpopup (npm)

The @marketfront/livestreampreviewpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/madvpopup (npm)

The @marketfront/madvpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago4 views

Malicious code in @marketfront/infopopup (npm)

The @marketfront/infopopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in @marketfront/customdealsfeed (npm)

The @marketfront/customdealsfeed package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago5 views

Malicious code in @marketfront/designsystemdevtool (npm)

The @marketfront/designsystemdevtool package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and...

6.2AI score
Exploits0References2
Total number of security vulnerabilities226511