Lucene search
K

226708 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 27 minutes ago2 views

Malicious code in dbzy-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0432a46ed92acb897826fc16d26cba900bd3d18f0de5baa7f2909a44d9ec625 The package advertises itself as a network debugging tool but its CLI and modules compose a remote-access toolkit. The dbzy-tools console entry calls...

Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 30 minutes ago1 views

Malicious code in tslint-conf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31b464b1646f8e2d36ce68a86af599cc49d5381f08af70302ff01f42957234a1 The package presents itself as the pino logger README, index.d.ts, docs/, and lib/ files all reference pinojs/pino but is published under the unrelat...

Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 1 hour ago2 views

Malicious code in @vite-js/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 914257e4d1eecae3fc48e98c8a2a406ed8021ed159c4a43a96c57453d0a1f320 Package @vite-js/[email protected] impersonates the legitimate vite package: it copies the author name, homepage vitejs.dev, README, and exposes a bin named...

Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2 hours ago3 views

Malicious code in logger-daemon-regex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 867d520b17da5e885d1a1e1e954cbf9eaf045b55a28307319f4fbad27846b8a9 package.json advertises the package as a 'Node.js integration layer for Autodesk Forge' but the shipped code is a full information-stealer /...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2 hours ago2 views

Malicious code in n8n-nodes-barcode-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb55ae2b864b933ae071cb33e8f53a52005ff0dc26487d15639f3b07fa7d9849 The package presents itself as an n8n community node for barcode generation, but dist/credentials/BarcodeGeneratorApi.credentials.js contains a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2 hours ago2 views

Malicious code in react-v17 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73dab7161ffcaee5f943894308dd75428e9081b872daaed7ef50218bf98ad44a Package name 'react-v17' impersonates the legitimate 'react' package. package.json declares a preinstall hook 'node index.js' that auto-executes on n...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2 hours ago2 views

Malicious code in npm-rce-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6365312ad1339c7d5539f594b9e472ea3f10401fa356fe49766de887368e87c9 Package declares a postinstall lifecycle script that, on npm install, fetches a script over plain HTTP from a hardcoded bare IP...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 hours ago2 views

Malicious code in @vraksha/gh-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c867b4c68acc159dea1bbd580c5de3f3c9fef7bd1f54cd48a02c59631ffda12 On npm install, the package's postinstall hook runs index.js, which performs an HTTPS GET to https://http-logger-production.up.railway.app/payload,...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago3 views

Malicious code in crypto-promiser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25594e7865a7525aebefd2f1fcc8060f144bf202b1986875e1cfd95564f66e88 [email protected] is a typosquat of the legitimate crypto-promise package that ships a dropper in its lifecycle scripts. The declared postinstall...

6.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago3 views

Malicious code in vps-new-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3a87c3a5996e3d81f13922de94c19e39af1be7c9b6920fc9ade4f43edd838b7 The package's main entry dist/index.js re-exports createServerAdapter from./server/index.js, causing that module to evaluate on any require/import of...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago2 views

Malicious code in events-alias (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 164642716a755117674746c1c2534b0ac47d56bed2348e7a800c3d37a98074e9 The package's preinstall hook "node index.js" runs automatically on npm install and executes an exfiltration payload. index.js requires childprocess,...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago2 views

Malicious code in chai-as-const (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2c70991a87f00f1b25b85243d1984fcb2562dc2c34f0c5514827b3660350294 [email protected] is a disguised dropper. The package name is unrelated to its code, which impersonates the pino logger exports pino middleware,...

6.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago3 views

Malicious code in configration (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3255dd4ea4a24b3e000f6a8aadb9a022bc9aed07507124a595dd42ef0b429d6e The package impersonates the pino logger README badges, module.exports.pino = middleware under a one-character-omission name configration vs...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago4 views

Malicious code in next-locomotive-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6c9a6a78e92a3815c6923d8a77304fa6622e93b11eecdad3d5a1156398ec37b The postinstall lifecycle script in [email protected] automatically runs on npm install and reads a hardcoded list of installer credential...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago2 views

Malicious code in express-mongo-limit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14fb26238eabda9c27993bc87c05daf79a9d747b09aa9913f4b0f423f9c02b11 package.json declares postinstall=node index.js. On npm install, index.js decodes a base64-encoded URL aHR0cHM6Ly9nYW1ib3JhY2xlLnZlcmNlbC5hcHAvYXBp →...

6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago2 views

Malicious code in @vite-tab/tab (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95af865d1cf7d45f2b4c2a73eebcfcd1a1a6aba9a36f33bf8256ef4d7235903c @vite-tab/tab republishes Vite's codebase under a different name while impersonating the upstream project: package.json declares bin: vite:...

6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 hours ago3 views

Malicious code in turbom (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64978153f8a987180b6c8e88b5787598ed949a604527f0098271f97d8c66a235 Starting version 1.0.1, the package contains obfuscated code and embedded binary that is executed during the import, sharing many similarities with package...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago2 views

Malicious code in luludawang-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae96a2ee83d724de0e046dbf9e4749e9fd0d5c56fc16f2f28050512080f30628 On npm install, the package's postinstall hook runs index.js, which reconstructs a remote URL...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago4 views

Malicious code in ec-checker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc8245936c8beb04bdb2bfe31a8117133823e3ffd6ed3e165d89b822dfab4a9c package.json declares a preinstall script that runs npm install @sentry/node && node examples/verify.js. examples/verify.js initializes the package's...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in chai-redirection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38236fbbdbbaa8f8ed9315c3a4ff01fbf049215896036b1cb68611681fe0eb00 chai-redirection presents itself as a chai assertion plugin but its main entry index.js unconditionally spawns a detached Node child process running...

6.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago2 views

Malicious code in chai-presentation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 854dd2b8a43d8936f153925a2af8ee8de5d18647149aeba69fb0329eaa461b93 The package presents itself as a chai assertion plugin but its main entrypoint index.js contains an appended IIFE that, on every require, performs an...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago4 views

Malicious code in airkey-mfa-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03026bf6133183ffaba772b4b1f585bab0a42ab87823a0a2375a7f1cba08661e package.json declares a preinstall hook that runs index.js on npm install. index.js collects host and user identity data — hostname, platform, arch,...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in pipo-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 259159c0505b819905dcaf53172d98a4fd590a9ae1a40f87d2be4c1a7fdc4065 This package is a dependency-confusion payload published at an abnormally high version 9999.0.0 targeting an internal package name pipo-sdk. The...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in goofy-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 779daa3389f4ff3ea7ca2acb4e0202b4465e90fa0d8b7bdcc0e3785f34e454a2 [email protected] is a dependency-confusion squat: the version is inflated to 9999.0.0 to shadow an internal package of the same name in build syste...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago4 views

Malicious code in @luminarycloudinternal/lcvis-st (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce8dffb72c9f767cbd071bf482fce9acb1ff2283a4800b7862739348b7a89e24 Package @luminarycloudinternal/[email protected] is published to the public npm registry under an internal-looking scope with an artificially high...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in bytefaas-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07cb4f68cec68081ac4817ad2ae387e7b031d3377a74a74ecca59c5858940d08 Package published at version 9999.0.0 under the name bytefaas-sdk, the canonical dependency-confusion shape used to shadow a private internal package...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago2 views

Malicious code in searchresults (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7d5453a0b1576ed8880071cda901607e79f25378700d3f999ab2c9715e00635 [email protected] is a high-version dependency-confusion squat on the generic name 'searchresults'. package.json declares preinstall and...

6.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in thunder-rony (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b49da9c4d3522da30e4c917c3102444f9d61d3ab3e9c547b74b9240168754b9a On npm install, the package's postinstall hook executes index.js, which collects the installer's OS username os.userInfo.username, hostname...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago2 views

Malicious code in ronyfortest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c9f63368f7e1147ade261a87f45e32e13bcf79b5336efad59087ce85e64a849 The package's postinstall hook node index.js runs automatically on npm install and collects the installer's OS username os.userInfo.username, hostnam...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in rony-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 873cd33646b64f2073cc37ed9649a3757fb8aa186d50f700cb8ad199196fd56c The package's main entry index.js collects installer identity data — os.userInfo.username, process.env.INITCWD || process.cwd, and os.hostname — and...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago5 views

Malicious code in higherlogic-ocfe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f73e9c228fc5188d602b213f2c6e7f88d6acbb4a9381667b7c33e4cb825aedf2 Package [email protected] is a dependency-confusion lure targeting the Higher Logic vendor namespace. The published index.js is an empty...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago5 views

Malicious code in babel-eslint-parser-legacy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85a6f04cbf0697b6ae409fb9e5ad0e25812dac6a2f43bd95722f1903ee2f71f7 Package name babel-eslint-parser-legacy is a one-suffix confusion against the legitimate babel-eslint-parser. The package's own main is an empty stub...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago2 views

Malicious code in ag-charts-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29c50b5a47dde18daf83760926662df3b9890de074cc00938de04892ac79a4d9 [email protected] is a hollow package empty index.js, no scripts, no documented functionality whose sole effect on installers is resolving its...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in visa-cli-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0e8f566e285de1eec2c3cae07b0faaa8828080a4e1fed7e76e1fe43dfa571ec Package presents as an internal-looking corporate tooling name 'visa-cli-tools' published at an inflated version 99.9.1 — the canonical...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in ai-gen-ai-opt-in (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a34dae027378ca986d5e99aa7c9ffc5efe590e4697e1255970ce713f6d309e74 [email protected] declares a postinstall hook postinstall.js that runs automatically on npm install. The script collects the installer's hostna...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in @luminarycloudinternal/frodo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58ed68e675b2b6cde30e6b7c8e34077eda805a4bde64ca7cd2c68c6f4370ee5f Package published under a scope shadowing internal Luminary Cloud packages @luminarycloudinternal at version 9999.0.1 — the canonical...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago2 views

Malicious code in promo-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1a88c879a569b51180b134bd442917610efba2cfc54aa980cb3ec3b4731e84c No concrete evidence of installer-side harm was identified for this package version. There are no indicators of credential theft, environment scrapin...

6.2AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago3 views

Malicious code in manom (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5c719a4493f261eac65f57909044b1f958860f46fce1668314878007d2625849 During installation, the package exfiltrates random files. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 5 hours ago2 views

Malicious code in manik (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f5401ff0b4189038b0682df9360adf8a7b3f1c0b19f41726a9bb1ebb6770d5e During installation, the package exfiltrates random files. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 6 hours ago3 views

Malicious code in tronpak (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 35790f872dd1f0fa6c17fca434134a08101946af27a0e2b4467e3b362f618e01 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 6 hours ago2 views

Malicious code in @vite-ln/build-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b380eb60df5dc8d12ad64fe26e5c1ca08c4fa39505400ba90ea1a2d305121ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 7 hours ago3 views

Malicious code in paperclip-adapter-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d49d1a6c5381f58370cbfedc2321bd44796eb4ea79541d967a661760d9759801 [email protected] executes a credential-theft and C2 backdoor automatically on import. The package's main re-exports...

6.1AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 7 hours ago2 views

Malicious code in paysafe-cards (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21a6e3b2436241fa7cebb029cdab33b2eb530cf450f7fe89d79a925c14148ed Package name and metadata impersonate the Paysafe payments SDK description 'Paysafe Card payment processing', repository...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 7 hours ago2 views

Malicious code in domains-billing-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 11558e73bc928dd5dadd7ba70e9256e5458e6d829c63a577a31740d2f6c553e1 The OpenSSF Package Analysis project identified 'domains-billing-types' @ 99.91.1 npm as malicious. It is considered malicious because: - The...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago2 views

Malicious code in manin (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3234643a550a8e121b7f2cbee42e45fa90604a95258babd0b8a602ee97cf3045 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 8 hours ago3 views

Malicious code in turbod (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 78d60e25c1258021c4fb69a93456c76ef1157be852c7b9dc7165290ca599b0f7 Starting version 1.0.7, the package contains obfuscated code and embedded binary that is executed during the import, sharing many similarities with package...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 9 hours ago3 views

Malicious code in py-slugify (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 67a9d1e498fcf994bbfd8e10bde000990fe4579a88ba5b20848beabac1ae44cc During import, this malicious copy of a legitimate package downloads an encrypted data disguise as an image. It contains an archive with a next-stage script th...

6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 9 hours ago2 views

Malicious code in rarcore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 69082900a353e728be770b24c10b27f0f2b7cb9f5ec15179833976447fc6c424 During import, this malicious copy of a legitimate package downloads an encrypted data disguise as an image. It contains an archive with a next-stage script th...

6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 9 hours ago2 views

Malicious code in oxntime (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4d96d9d5b1800042c94a33b8ac459abe42775a2c07e7cbd4ca2f689bdcf141ef The package contains obfuscated code and embedded binary that is executed during the import. The embedded binary targets Android and seems to act as a guard fo...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 11 hours ago4 views

Malicious code in @vwfs-its/sf-sac-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2e08b57aacea0c5dcc883413eddf7737e7a45fa2c21bd5381d4e80235b3ef182 The OpenSSF Package Analysis project identified '@vwfs-its/sf-sac-frontend' @ 20.1.1 npm as malicious. It is considered malicious because: - The...

5.9AI score
Exploits0
Total number of security vulnerabilities226708