225914 matches found
Malicious code in dotenv-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87c063897212774df4e13b1d7bf70cc74a98ac1ca824d2bb1f1e8c60d0662b5e Package impersonates the popular dotenv package: package.json points its repository field to git://github.com/motdotla/dotenv.git and homepage to...
Malicious code in deriv_ppetest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61958a4979f72a02b66fa1076fda768ab5e13ecb3f565e75e3c2fdce8ae7f4e3 The package derivppetest was found to contain malicious code...
Malicious code in cursed-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f33e4c756bc2b6484a9c8ddc7510e2b7e3dfee1ba963a77d610e61c2c897821 The package cursed-module was found to contain malicious code...
Malicious code in ctf-package-onetimeuseforctf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d37390fd81ab77282de711d615673122fd18763d31c720135595e40dd32a71b The package ctf-package-onetimeuseforctf was found to contain malicious code...
Malicious code in corsair-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c21d47c9d59d6abd121ee300ec8e6981d0fc22576fb01ca69c06633e5e46626 The package corsair-module was found to contain malicious code...
Malicious code in codecoverage-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77e8adaf551291b58aa99518bd0d9c4817709eb0e987acb0f318405926c8f6a1 The package codecoverage-tools was found to contain malicious code...
Malicious code in codeanalysis-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074f4becc66a4df6fc176ded01c8ab217ae4bbc356a0c843a8258af14692f159 The package codeanalysis-common was found to contain malicious code...
Malicious code in chain-multer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53cc34f0f3bb0c4829ea6a271ba921ebdd97ea8272285dbc159f5ede247d27ff The package chain-multer was found to contain malicious code...
Malicious code in chai-set (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28dfa5b2cccd6b50e33c5fbb98357210b6eeac23c9764183693b3eb74da40f44 The package chai-set was found to contain malicious code...
Malicious code in chai-chain-cognivault (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19b0851e6e0e1c6814315a7876df23ebeb1c80c5afd8093f9790c0b2fb6ba605 The package chai-chain-cognivault was found to contain malicious code...
Malicious code in chai-chain-argon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 843de6d2665a1833194793cfe05d91e35574e922fbb24cc0879c32352189a29c The package chai-chain-argon was found to contain malicious code...
Malicious code in chai-as-chains (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abf6eaadbaedff56f824c4c68f8af9138c01d40189e0225051d35c52dee1adc9 The package chai-as-chains was found to contain malicious code...
Malicious code in chai-as-attached (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3334b8d2a1f3861b1427af8ae49ac714b72ab19d6a571835e6c84c5d4b83b1a The package chai-as-attached was found to contain malicious code...
Malicious code in chai-as-aligned (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bfc79b3c746510178bdaa8e79ecf903f3705e61a09a5846e263159301607f91 The package chai-as-aligned was found to contain malicious code...
Malicious code in cdnjavacss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fb57ffd656f0a20fd4da4f7364cf96e67191700bda0682462b0ea9c68de1bb1 The package cdnjavacss was found to contain malicious code...
Malicious code in azurestack-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 500acb5021d6cc7c40146b6b6f8fd17563f17b68d95e52d78a749514b839cba3 The package azurestack-common was found to contain malicious code...
Malicious code in argon-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3639b8833add6b5673b5f647479520157a22229369754ef98675e97a4a56385 The package argon-node was found to contain malicious code...
Malicious code in @pansycareful/github-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b0fd8e716dd8a1f3d3d8e33d9dfec9cee22ca3b511d7ac05fb3b175da1d1842 The package @pansycareful/github-helper was found to contain malicious code...
Malicious code in @hsbc-mfe/host (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a848d447b30dd51c4c541fa6a6e6d377bfe77ee4b04b4904996f725b8519789 The package @hsbc-mfe/host was found to contain malicious code...
Malicious code in @girirajravichandran/corp-build-utils-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82e79f342b1cd33520c8987b0307cb211e4b04694caef9c967725778e1802e94 The package @girirajravichandran/corp-build-utils-poc was found to contain malicious code...
Malicious code in @fyxer-ai/shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3a41d542ea1950a8f7bee29e8c4602a2553a5b612c7763af1f7a80246f708f The package @fyxer-ai/shared was found to contain malicious code...
Malicious code in @abi-labs-frontend/standards (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a60eba79d2fd49b58fb2a2073d2b7c87f66c1ad781bc1a6137962f9b5e772449 The package @abi-labs-frontend/standards was found to contain malicious code...
Malicious code in plugin-gem-example (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in rocketpill (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in flycalc (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in privaton-beacon-img-8f3603448690bdde-png (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron be565465ab48d5cf9d07625d2414c21814f63826ea9325c35dca838e40aa24e9 This package is an install-time-executable sdist that uses setup.py paired with an opaque data.bin payload and a beacon name...
Malicious code in @one-site/europcar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 711bd5a2f6cb47f1cf20cae950c1b89253561e63249de1fa2989ea5766f6f3bd The package @one-site/europcar was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in express-session-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3beac16c32c8776482bafbb2ad95b50b7b18bf6e93fbf712238f60a4d7ae363d The package express-session-validator was found to contain malicious code. Source: ghsa-malware...
Malicious code in express-session-vailidator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 559c32a7f4713a1d785b35766355cf1a29ef437a0dc8e5285b980c9611175cff The package express-session-vailidator was found to contain malicious code. Source: ghsa-malware...
Malicious code in sbx-mask (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199f83840bd0dfd9d9e7295134e439e8adec273f9be8477d0ff68b6ec8c491d1 The package sbx-mask was found to contain malicious code. Source: ghsa-malware d04d541813f3f1e2bd2d1c509c5ea3463d64caf433617ab3398e118171f2cc65 Any...
Malicious code in yelp-react-component-rating (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 027bbca928c4c1696f388fbb2ac0ac3a7c74a29db1a6bb76b5c7431759c27421 The package yelp-react-component-rating was found to contain malicious code. Source: ghsa-malware...
Malicious code in agoda-test-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61298c02c98b568b7b2735848ed2087ced94165a58e6602af9769d359b279056 The package agoda-test-poc was found to contain malicious code. Source: ghsa-malware f1dc100458bb8a2a4c1831d2a680b7895085adc4bb5fa5c90701f52b1165eb8d...
Malicious code in agoda-dep-confusion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faa0bc71a76133f8ba2469aab72a42ed605c22eaf6a3816754f5dff2cb21fa87 The package agoda-dep-confusion was found to contain malicious code. Source: ghsa-malware...
Malicious code in fancode-web-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e56c163153700b6fef7090e078a98b7c2403088e5c5f487344dc419af8adaa7 The package fancode-web-app was found to contain malicious code. Source: ghsa-malware a933e6c673f3cf2c4cb0e768570b64dcf627ac59e6b29c2e9afd5a5fb3d4396...
Malicious code in yelp-react-component-photo-upload (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32e7f0c90df117fd4748129db7ebb37ee6519a0f8ace68bbd197b8f6658da7ee The package yelp-react-component-photo-upload was found to contain malicious code. Source: ghsa-malware...
Malicious code in yelp-biz-action-constants-js-generated (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 063bb3466bef20db9d0f0c8436b384fe8b498ccceef3993ab43e0482b43efc40 The package yelp-biz-action-constants-js-generated was found to contain malicious code. Source: ghsa-malware...
Malicious code in nemo-fpti (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d59bda0a25d9b656075c91322ff0c7a8463b743465176a358265f7fb35710b98 The package nemo-fpti was found to contain malicious code. Source: ghsa-malware 7e5357f25ae0271690f061e93dc85be49cf6ebe3ccd0d09110524b0fcbb30ee3 Any...
Malicious code in server-fpti (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90fb70466093bba29ed5b8f62a9734b95ff7011add06482beec9546984f11c3 The package server-fpti was found to contain malicious code. Source: ghsa-malware 59d0d75db844e966a9f5cc0e311ca6f2385abdf95ca0ee2387c23be8342f0fb2 An...
Malicious code in litellm (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 6a89401cbf53902e8374fbf3b424a77bb5e5f8c437176232eab7c3237d10ecbe LiteLLM was compromised through trivy security scan in a GitHub workflow. Attackers uploaded malicious versions of LiteLLM to PyPI. The...
Malicious code in customerdigital-ui-components-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70a8c957edf16da956a7859c7a0e1d8accbe84824b88f1f19f70a01acd07b729 The package customerdigital-ui-components-lib was found to contain malicious code. Source: ghsa-malware...
Malicious code in @wame/ngx-frf-utilities (npm)
Malicious package due to JS obfuscation, dynamic code execution, OS/DNS access, suspicious install script, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfa63e93a0b5a6ead3de9d3680bb75a023c43b59c6db80e0072b6a239cb7d5da The package...
Malicious code in @wame/ngx-adfs (npm)
Malicious package due to hex obfuscation, dynamic module loading, process access, suspicious install script, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee67ae68f066d11c3e0625e260c588df3d43384ae91fe74292977ea5304684d9 The package...
Malicious code in tombac-chronos (npm)
Suspicious install script executing index.js and an untrustworthy author email domain sl4x0.xyz strongly suggest this package is malware. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69e040ef4bdedbed143a5a8d1a1bb0389fa07848772a87c03da1c67557ced13e The package...
Malicious code in @the-coca-cola-company/ngps-global-common-utils (npm)
Malicious post-install script combined with low project popularity indicates potential malware. Arbitrary code execution is a major concern. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ebe31c5bb51c354ed83627a02c11ca4c8541e042623b1b987255941ffafdaff The...
Malicious code in @phonos/types (npm)
Multiple evidences indicate malicious behavior: obfuscation, suspicious install script, access to sensitive functionalities, and untrustworthy source. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8c10ea271203f85e595559214b08565cef54710fcc605eca02483606041cf5...
Malicious code in oc-navbar-module-client (npm)
Malicious package due to code obfuscation, dynamic code execution, suspicious email, install script, and low project popularity. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec0eedd88f7d05d96544d4fc778561471c0490c16f2fe2c6e8c70428af92e6ad The package...
Malicious code in oc-ccp-module-client (npm)
Malware due to hex obfuscation, suspicious install script, dynamic module loading, OS command access, process object access, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2b4b9cee1369c441aa8d759bc04085a8e2b14786df20656a8c6bc249e6260...
Malicious code in oc-aa-module-client (npm)
Multiple pieces of evidence suggest malicious intent: hex obfuscation, dynamic code execution, suspicious email, and install script executing index.js. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ff9a96329ad67bbc8f97ec7686f7f6a8f1b94bb76be3f8f48671cafde13fc...
Malicious code in ftapi-core (npm)
Multiple suspicious behaviors: hex obfuscation, code execution via constructor, process access, install script, and suspicious author email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a78a31e9e0e51a5531ac61b714695aa1af1ac1379233e78623ac3ed63285f6c The...
Malicious code in cr-static-shared-components (npm)
Malicious package due to code obfuscation, dynamic module loading, suspicious email, and arbitrary code execution during installation. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fcc8531926534d3d87af7c173bfaba5f563bdbbc6ae8293de0150a0f00ba205 The package...