225920 matches found
Malicious code in @bmg-web/bmg-dropdown (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba8b2c9cb8ff59d283200d129e3ad62a7f469072326443114ebadcda2da4f894 The package @bmg-web/bmg-dropdown was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @bmg-web/bmg-ajax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9d0060c1d5029ed1bcb3ed00c20e6a283a930b13d6e93072cebb3e97e45b78d The package @bmg-web/bmg-ajax was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @bmg-web-features/bmg-user-interaction-tracker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60a8d06e34bceb11580d97e9e5b024221925eb7302ad803fcf48c22672995036 The package @bmg-web-features/bmg-user-interaction-tracker was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @bmg-web/bmg-card (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6b0a1542df5f356749bb120307f24588161f99389b5630aade5a178b2ac98c6 The package @bmg-web/bmg-card was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @bmg-web/bmg-external-link (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6373b00808251dd64521cfb1864a0bf382c5df23e976984dea8dbebf925bbb63 The package @bmg-web/bmg-external-link was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in tsdoc-build-rig (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa9483578294aa1f05417210a36c0840de9fe1104aa1c36c6cad6f0ac4fe4760 The package tsdoc-build-rig was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @oec-settlement/react-router (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4beeacddc1773c8aefad734c472151284b868e3a06f4be8886763a0caebb121a The package @oec-settlement/react-router was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in crypto-keccak-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32ccdef7e115ae439427bb2217083ad601c38f443bc895d50f788929634a37c3 The package crypto-keccak-js was found to contain malicious code. Source: ghsa-malware 60c3cf139a71aed81d8181d9c87451c86895953c7d34095bd06553c9e406cc...
Malicious code in gleb-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1195db21d930574e3f893e03ace1f465579fc9a50f319979b05f57a0a6d8e252 The package gleb-js was found to contain malicious code. Source: ghsa-malware 24151762712a7288d42bf902b1d0d205f13c6f76668490e7043fe846a8fd241f Any...
Malicious code in ts-utils-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8a1476a3763d6093218666ee76d28124242e541f10e98fea5e396de93e97e85 The package ts-utils-dev was found to contain malicious code. Source: ghsa-malware 780475532d255944bb4846b6f84becadf429014e623c83b5ca508b6f97e39a9a A...
Malicious code in claudcode-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88f4d319ca32cad5bc9a2f83d4b1b64c39f2d1e75f2fed26cc1172d480891b69 The package claudcode-mcp was found to contain malicious code. Source: ghsa-malware 65a350de7c4fa0545fcd3fa1439e9ea34afa50e5237688032de7bcafeb071ab0...
Malicious code in claudcode-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1de8369f09912bb8724607f94c599ad3fcecfa78fa46e76985acbc600ad8791 The package claudcode-cli was found to contain malicious code. Source: ghsa-malware 6bdf49fafb69e5edbe0ee4aecb34c6d65f28e0dd917b228142fd71e6db486971...
Malicious code in @usealloy/api-contract (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac2459ced40bf7d07428205c0322e09c951fdc50972f337b30508ad2ad867b37 The package @usealloy/api-contract was found to contain malicious code. Source: ghsa-malware...
Malicious code in @usealloy/typegen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8ddfd4e6bd17172e7327ebed027c76dc8d062700a513a745cf15955c52e043c The package @usealloy/typegen was found to contain malicious code. Source: ghsa-malware...
Malicious code in @bitunix/test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b083a0a29a743f00a18c62069ede0cd31fa3656e9fcbafd497ff742c3efcbdd8 The package @bitunix/test was found to contain malicious code. Source: ghsa-malware caf5aa976643b0e7d9daa1d676c83032b7725f54e4d0f7541e163251805fb9df...
Malicious code in @usealloy/component-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f32d74c27a8086c59f766c74f3fd9165eb49c0aa829661b6ff00e982c84d510 The package @usealloy/component-library was found to contain malicious code. Source: ghsa-malware...
Malicious code in aven_types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0df68dd11fcc6eb930db59e54118c89a481c0d8db3d4db96ca7732ce04cc3bb2 The package aventypes was found to contain malicious code. Source: ghsa-malware d042da73509307cc87e2110ee9cbd8873cd35b4d5de30c65df0f8daf7e93f49a Any...
Malicious code in 6161test1234 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074806dcf23de8a6066ce2cbbcc5f711ca552db945714be52cd8d3a7e1415af4 The package 6161test1234 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in com.tencent.puerts.agent (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 893d557ac2c9f78b7a7885bb93d174293ce6e98589b277f2368a5bce07bfeebd The package com.tencent.puerts.agent was found to contain malicious code. Source: ghsa-malware...
Malicious code in build-metadata-logger (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 be01b550f3d8914aa6bd8659c9a410054e4e0bf9203d33e93478eb444e957b55 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in buildenv-collector (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ed214a591cc269b484b5a0831e170e9db89aa33d168ab77c7826837495cd0f38 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in typelimagic (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7fcef0c386cca43024460aa4a1b47a99109e4ba02159a8fbe426c12f9884a83e Clone of a legitimate library. The added code scans system for sensitive files, with the focus on crypto currency wallets, and exfiltrate them. Previous versio...
Malicious code in my-package-jiecub3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1ec43b076f10c0f300bdde6c106bc020894f238b7b2b72e3a3c146d189bdb3a4 During installation, the package attempts to create a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...
Malicious code in apple-auth-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f287635d5bb4ba311de3a315d8b730e159dd7dee46e68896e94f07d1b4d91860 The package apple-auth-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in apple-internal-security-poc-frank (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10f171ab8af350f288bde3dca0a4c5741b840ed376b0022602322fd7b8b6341f The package apple-internal-security-poc-frank was found to contain malicious code. Source: ghsa-malware...
Malicious code in cycode-dev (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 af035661f0964977015279eeceb2e380bf8b525463d4a099d85eab7b4ea8a71b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in mysten_metrics (crates.io)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 63f995158ab539b4b108f431c0a0384aa56cd5b50fbfac7d83e743b98d742fa0 The OpenSSF Package Analysis project identified 'mysten-metrics' @ 9.0.3 crates.io as malicious. It is considered malicious because: - The packa...
Malicious code in @serasa/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a5d7dc70207045632b443597fdca880203a20b38f5999520fe5c437ca65a496 The package @serasa/core was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @settle-sea/supporting-documents (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1a578c532adf03529b20a3a434751c75d17e6c7ea31e4ca1881447db490cc78 The package @settle-sea/supporting-documents was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in bmg-web-features (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95e385a0f1c1bcc075d39332c519b28aebc80cd8474cbc78baff5ce19661b85f The package bmg-web-features was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in bmg-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26777925b4f8e199b125a969ad8c6f4e0ff672b87613b22ce2b67fe461ba218e The package bmg-web was found to contain malicious code. Source: ossf-package-analysis 27618387221affefb03509d50b0545c22b6d18574bc71aa6f218350ca5f152...
Malicious code in megabank-worklist (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f0a379223d486978f097d6f97b1d3a1fd307bb725be56c7baa2bc8ff72d297 The package megabank-worklist was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in internal_insights_enabled (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b767ca0c2e6450230a1b4d2bfa3f974fc6e9cac87198adb5c3084ea5f6dcd5f7 The package internalinsightsenabled was found to contain malicious code. Source: ghsa-malware...
Malicious code in hifromhere1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82931dc7313b2b9b93b8664655cbe445702e0fdcf1cc7e587b27758d2ef9cda1 The package hifromhere1 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in tailwind-text-fill (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe1d70f1253bacbb57d827b49a08cede06a039323a86af19cebaa08cefe2cbdd The package tailwind-text-fill was found to contain malicious code. Source: ghsa-malware...
Malicious code in pathjoin (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a94ee2403006fa62b8cfd3e6ac5a3ae32f316ab9b32fd0dc47fefdca52cf5899 During import, the code downloads and executes encrypted payload from remote location. During analysis, remote code was prepared to download the next stage...
Malicious code in leavemealone (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5628eb1d01e8eb7de8a582cd9ea85dff68eafde06f4e1164ae92842354db0bf7 During building the package, it executes encrypted code. The content is unclear as the decryption key bases on the local environment variable. Given leaving a...
Malicious code in moonbit-metrics-validator (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e6bb44c25db578131ec69b1c961c22f67cabb0b81aae5fe9d4620194bf8d83cc Campaign includes a chain of dependencies that finally exfiltrate sensitive environment variables to a hardcoded GitHub repository as exfiltration target, and ...
Malicious code in moonbit-schema-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5fd7cc9fd6247802480f37b02a23faadb37c7fa5aded77358015c0861ab980e7 Campaign includes a chain of dependencies that finally exfiltrate sensitive environment variables to a hardcoded GitHub repository as exfiltration target, and ...
Malicious code in moonbit-locale-compat (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d42bb32adb1fb5f388368b9e4ab382bfbc8cd7f62dab4c70a8563a448ce9c2af Campaign includes a chain of dependencies that finally exfiltrate sensitive environment variables to a hardcoded GitHub repository as exfiltration target, and ...
Malicious code in bignum-ts-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9302a5bb5d61b77b3bb20e1bc630cfc2ef2411f09200b10b9b3bdf3afbb21d11 The package bignum-ts-v2 was found to contain malicious code. Source: ghsa-malware cbe2f3378d63ab27729cde1a688d110842d5efda3b4e1e88c2eacf54161b4f0f A...
Malicious code in npm-doc-deploy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a8ae6448e13630c5243e98e1794e9b2f57b0e999d4c31687f0db0f1665496f9 The package npm-doc-deploy was found to contain malicious code. Source: ghsa-malware f7938c30cf6da645723648c4c43979c97d7c006933fb24ccab60154f1cc5d084...
Malicious code in @tushar-br/desktop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c25eb4a54e706177aecf51b4124524e6e7d0534b02d9b8e6970169a9df8189ef The package @tushar-br/desktop was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tushar-br/file11 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cb3ba78b6061a7a5602ba4712bece6b3b689a0add265fdd05b8e6006ec29f15 The package @tushar-br/file11 was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tushar-br/editing-pack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a4d5659346f95e443d4a8b6883c51f081de5eb6989f8f6731327eb34ed9c64 The package @tushar-br/editing-pack was found to contain malicious code. Source: ghsa-malware...
Malicious code in krdfonts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a15ce04475542747dedb873a3b01d84d049ca808da879da611089e66db7e434e The package krdfonts was found to contain malicious code. Source: ghsa-malware 4e5c97aa939f62290759af39ce8ffae53746a8b7e48e2f72e8972573fede14b6 Any...
Malicious code in @otaxayuns/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdf26f95a3bc053fcaa8cd44b920af295f5827655316950894365e150d60f9f7 The package @otaxayuns/baileys was found to contain malicious code. Source: ghsa-malware...
Malicious code in mailcraftjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27f66d32585597a7eeaa611a0c5f0fd20ee5a035d98d00ace5c0a333ae36b5be The package mailcraftjs was found to contain malicious code. Source: ghsa-malware bc9eb14094700cd30fbd04c4f4b7e75c8971e1ceb5442320dba55befe0fdccb7 An...
Malicious code in turbo-he (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1da17bf1f37303e3d91056c1ce674462279861bc896e413f1d262548ff6b3647 The package turbo-he was found to contain malicious code. Source: ghsa-malware 6bd9985ec0cf97c08347814d88b84c1c12cd8f22507a76e2a78cacb06c6840a6 Any...
Malicious code in optimized-fastest-levenshtein (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ad1df5ecfcba26f63d6afe82b0b81c718ed915074e7e2a1eec30d7fd6815be5 The package optimized-fastest-levenshtein was found to contain malicious code. Source: ghsa-malware...