225920 matches found
Malicious code in renovate-config-doctolib (npm)
Malicious package due to data exfiltration via preinstall script, reading .npmrc, and sending data to a remote server. Few published versions. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afc7e33b7c6ea9379f973a56f94e3b8ed59f0bc746733efa7dadba31141d0cd9 The...
Malicious code in paddle-internal-scripts (npm)
Malicious package due to sensitive data exfiltration via obfuscated preinstall script. Few published versions increase suspicion. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eae655788b800d689464263a26d904ccb45fe4aa65b61422a51325008aff3003 The package...
Malicious code in ing-web-v5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f32dd0f0eff32e970526305378a6623e9af62ab133ddcf04a21aa92f1eb95f26 The package ing-web-v5 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in robase-quick-install (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f69377c01d5c0980cb9bf905be35133e5cd077e7c64c577460dc06e3871c2d9e During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in chainutils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 149995e4a1c4d289fa58be2adcab4095dca7c429097ad6735afef8270e7e4cb3 During import, package triggers malicious code. First, it ensures persistency e.g., through the autostart registry key. Then, based on the encrypted config, an...
Malicious code in chai-as-ide (npm)
chai-as-ide is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/244f4de235f04fbcd51a and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...
Malicious code in chai-as-init (npm)
chai-as-init is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/c2e881b8bc0fe2121454 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...
Malicious code in chai-as-optimized (npm)
chai-as-optimized is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/0ac7efbc0b6b1a53b305 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...
Malicious code in pynosist (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ef7a4db1443361fe93b268c7ad8f38c5c290d5334162b57c2b534c97acbc2b5d The campaign is built from a benign-like package e.g. genosys and the malicious dependency e.g. pynosist. The dependency uses a PTH file to trigger malicious...
Malicious code in genosys (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2fb27cde30ea3d834e3160e37c203a1f8a271435cf92316a990766c5b8b9791c The campaign is built from a benign-like package e.g. genosys and the malicious dependency e.g. pynosist. The dependency uses a PTH file to trigger malicious...
Malicious code in lightweight-charts-4.1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7a7bcf5678b42c2da20ad8e444066092ac3a9c17a6c8867a034717d1d8c344 The package lightweight-charts-4.1 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in modern-events (npm)
modern-events is a malicious npm package that when imported and using the function EventEmitter.emit... in file events.js exfiltrates local system information via telegram and slack and downloads a backdoor Win64/FaxedCook to C:/ProgramData/Policy/PublisherPolicy.tms. --- -= Per source details. D...
Malicious code in emergentintegrations (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fce023cdc4fa1509dbc8512d9b3728d4f5944941a522f63b94ef27b764ee4fbd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in sanitize-url (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36f98260cc1b910a8921671795398ad7f986f02b0b7bc8efef18a4df09b87d51 The package sanitize-url was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in conventional-changelog-dash (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 881ccc3d6c947645ee3866499931db298b0f2f7ac4a3d41dd9acf806d4e6d702 The package conventional-changelog-dash was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in monolith-twirp-pullsd-authorization (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in monolith-twirp-pullsd-users (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in gitlab-orchestrator (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in requests-test-test44 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in requests-testik11 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in requests-test-test2 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in requests-test-test3 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in bombonsec-test-123 (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in wpfuihelpercore (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in jjrawlins.cdkiampolicybuilderhelper (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in youpin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d2434bf56ac3bd217b20d87570b4be5eb5c96c17669d38ae4bf7c959dd21b29 The package youpin was found to contain malicious code...
Malicious code in winston-prisma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bc2a581514f0a9f03ad807946bb8aa90ed013936e91ed2a413ced0966986921 The package winston-prisma was found to contain malicious code...
Malicious code in transcript-viewer-ui-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d52899913925c544bb906fcc1d752431c86c54c3465310a8eee4318ba29164e0 The package transcript-viewer-ui-demo was found to contain malicious code...
Malicious code in tailwind-configuration (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60061f038f742f65f6876c278646b1b91d880677e6ba9dff2c87ea021f5b6aa9 The package tailwind-configuration was found to contain malicious code...
Malicious code in synthetics-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f901ab2d37659ee8585c20804e368b185c14c0e5fc49e51a3148fb439b728bad The package synthetics-sdk-node was found to contain malicious code...
Malicious code in sfx-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3fe291f014f24a669e43d0092e768f822241c223899812aeeb652ade2dcc63f The package sfx-data was found to contain malicious code...
Malicious code in separadordeinfo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21e2d6619a0d8333edc7c42d4fd1c6b03822b68469735f3ae6bf4afafefce398 The package separadordeinfo was found to contain malicious code...
Malicious code in rtxaspnet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 090604cfa202f9f464d120e8fe6ce4a731ca1011e78d84cf715894ec79e1b3c1 The package rtxaspnet was found to contain malicious code...
Malicious code in request-easy-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59057b0a6f845ac1e8bfa571c4e26295e469abdd5c6faa2e68007ef78816ec9b request-easy-validator impersonates the popular request package cloned README, bugs URL points at github.com/request/request, source is a fork of...
Malicious code in relion-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92fd7c62cf3860ce9650e66abf6424900c5e1bfab538bd3b611158c8da85bd43 The package relion-node was found to contain malicious code...
Malicious code in relion-chain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 650bf9452e7eaed5b89edb5f2af6208d4491aa079a90805fd6360b32ee6ff6d8 The package relion-chain was found to contain malicious code...
Malicious code in react-appfabric-shell (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a524b70e3efe81a382327e73d51cabb650ed488156ac7dbe61d61fcbcff68f8 The package react-appfabric-shell was found to contain malicious code...
Malicious code in puzzle-fragment (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad106eae22a8aa21a17cd44167776eebe2a94c245f6e224ba0d52312d8dd229c The package puzzle-fragment was found to contain malicious code...
Malicious code in pil2-stark-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d38245d3114b579956426c150e00f8821821c418e0d87077788d0180ed19a054 The package pil2-stark-js was found to contain malicious code...
Malicious code in pil2-proofman-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec44a98d8fd4dfdf91d31b7990ec8005ee4d4aab1d6030d18e86f84758659093 The package pil2-proofman-js was found to contain malicious code...
Malicious code in payments-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7d60194dba5c153d113a55d518be295628ca3a4e031ac30cf5200eb4386c7c8 The package payments-ui was found to contain malicious code...
Malicious code in package-with-import-assertions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607b154dcfd87f209bf01efe33fdd864fe77432b9c7a246b4520d137236afe1c The package package-with-import-assertions was found to contain malicious code...
Malicious code in otomi-tasks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 801ad983065c3d079ec114f2e5c5fc207a1903c098b383a2b049060d4d64f654 The package otomi-tasks was found to contain malicious code...
Malicious code in otomi-console (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f9238b0645d7de5b5df1ba2ccc3d6a6d2d476b29cfd3a7eaa583ec4c32c7839 The package otomi-console was found to contain malicious code...
Malicious code in node-syncora (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b9b36edd7fd683545fa4d254469ab5bd0697265cf63352489d2f0f7cd8583a0 The package node-syncora was found to contain malicious code...
Malicious code in node-metrica (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 383d9c273b104a26749eb5f7f5ceb732c407b08002e5017418eb19563cb5b536 The package node-metrica was found to contain malicious code...
Malicious code in nemo-jaws (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ac1bc6492690bd59f6e2ace3fd6aaf7512476fdcfd2e015423e1a20529bb8b2 The package nemo-jaws was found to contain malicious code...
Malicious code in nemo-datadrive (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e279624646b095ac821ca5abba18d037f7c0171da7a5419ce7881330ba92be4 The package nemo-datadrive was found to contain malicious code...
Malicious code in mypeopledoc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dad62e56736bda9969bac1b76bff8eedd2d42d2a3f2e7ba945d2f4b71c4022ff The package mypeopledoc was found to contain malicious code...
Malicious code in mybibilabu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1f49ab3b78aaf319666bfc7008613ceadd875063cc4ec3074236dc31bafdb94 The package mybibilabu was found to contain malicious code...