225914 matches found
Malicious code in @cloudsop/hmoment (npm)
Malicious package due to suspicious install script attempting to require the current directory and low project popularity. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad95ef51ef99f49ca08b99a81d6a18ecb75dafb1dad2afc2bca687f221ef95dc The package...
Malicious code in @ceeferenderer/itg-renderer-sdk (npm)
Malicious package due to code obfuscation, dynamic module loading, process exposure, suspicious install script, and untrustworthy author email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b9fa22264e38705c3a7ba319515ee66036e72ab14c32d08b01a5695aa191b8 This...
Malicious code in @ceeferenderer/fe-renderer-sdk (npm)
Multiple evidences suggest malicious intent: code obfuscation, dynamic code execution, process access, install script, and suspicious email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feee20bafab758bb648bbe425a100a13e6d21799552a2b5566fe6029faef6ce4 Package...
Malicious code in cclr-component-resources (npm)
Multiple evidences suggest this package is a malware: code obfuscation, dynamic code execution, suspicious domain, and unusual install script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61af3265fce06cfbb9bbf20e38d468e136487f69c41f70b0bbb1b331535bdf82 The...
Malicious code in mgrcfg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eeb9b6975940ff31a6a0f6361fd93d8d361a3687103c94c011a6fdf510a2fdec The code exfiltrates content copied to clipboard content to a hardcoded location. The code is obfuscated and has a persistence mechanism. --- Category: MALICIO...
Malicious code in yelp-mobile-site-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ad1d645e8b5f71c1d74bd3c213319d6674345796d462ed0e53a87c084f07a84 The package yelp-mobile-site-common was found to contain malicious code. Source: ghsa-malware...
Malicious code in rowrapee (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 398cfbdac2d3602a5c9836408942993c3f2bbcda911184825f01cf9937fb035e The package hides code to download and start malicious script containing malware, identified as adware. The triggering method seems to be PTH file, although it...
Malicious code in roboat (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f04db4869c9e981873683b537f335c1f25c7c17c283315859699855a9c20816b During installation, the code attempts to download and start malware. Connected with the campaign based on the time correlation and other packages published by...
Malicious code in logutilkit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 25a26f2dc6e0a8e2ba3bd43492fbffa597b39065e3f3378ea976dcabddf8fbf8 Malicious clone of a legitimate package. When using it, the code attempts to download and execute remote code. In on of the incarnations, the malicious code wa...
Malicious code in apachelicense (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d96d45a87e117e72107d6d6dfbe8c4e94323323bc28ce9accd8ccba39a0a46c Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...
Malicious code in hash-utils-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4177b7c46ecbfa35116b35a2a491107d0514cd6551a447b7213ef6e097172939 During importing the module, the code attempts to exfiltrate sensitive Telegram's client session files. --- Category: MALICIOUS - The campaign has clearly...
Malicious code in apply-hive-table (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cd10a24231fb7b6830827a26ee11d450938fce94e811f0c233c6a63a8e3c98d9 In specific environments, during installation, the package attempts to exfiltrate some basic information using DNS requests and then cover tracks by installing...
Malicious code in react-tailwindcss-style (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5602af4bd6e54460627a64eb9632c4f1ec0e8604d523b76c272346a2f599cb99 The package react-tailwindcss-style was found to contain malicious code. Source: ghsa-malware...
Malicious code in tailwind-font-inter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2cb39a969b06dada95f847c6d5fc21fd0cb38a37c6b38a6b60ef1ca439f2147 The package tailwind-font-inter was found to contain malicious code. Source: ghsa-malware...
Malicious code in pyregions-snowflake (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c3a6759d779c0fe3ffac5559aa5f8915f72cab6bce545e1fe261f3caab47a65 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments - in older packages - attempts to...
Malicious code in dmclc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 895439e6afba407fb85d315e2c99f0d1434905a1ee72b172e62d55abbb8c93a3 During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments - in older packages - attempts to...
Malicious code in modelconftranslator (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6f61fcbf30122cbf577490fab3968c6b41f95d4d23f6916a7211066bd735ff6e During installation, the package starts obfuscated code that downloads and runs remote executables in specific environments - in older packages - attempts to...
Malicious code in financial-crimes-general-utils (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 21f201c2aada618cb80f926b029f6b83b3f3bd9ffd0b35d5a4bb0c3aa1afd792 In specific environments, during installation, the package attempts to exfiltrate some basic information using DNS requests and then cover tracks by installing...
Malicious code in falcor-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9785eb8c1ddee20b09854389d561efd036035d846771b120bb4d7c412816f19 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in internal-linking (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e86a043725ad201320fbd6c6531b1af050f1171216f4eeb0f15fee35f288f2d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in milla-migration (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9875dda486759645a2c370547b9a93d381a844099b8f0c4bc9f640bda56f1b00 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in shakti-pwa (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bdac10e664bf4e0a73263401629caf12d2ed80e3cf76f36fa18a7c2d599e5229 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pulse-shop-section (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9973ec50205f8457c7d27feb3e60011e3fe79d4e0d1b7cbeaa30bc38e98e9d95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in in-app-marketing (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d475c46e8eda7ca153485336dce8c0b7d3bf8e3ea31a871232bc815438bc140c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sidebar-basket (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abd1b121a57bf0b4d96e4f902f6d051ff5b485ab7fc412f8940ce2c294ddb660 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pulse-scroll-triggered-list-items (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5917623184677210f5a42bead660945379d7a3c1cabf055e011a2794a233d517 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pulse-rsvp-card-entity (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d02d6daeedd5d906c300edc9ce1c430366876726cb5f6c69156b785a38713ad1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ty-search-suggestion (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 002ad12f14550389fc7ba00e11d256e776249a0239a346e232dc8f6186ab7a76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sfx-event-bridge (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ed3495e868bcd1db85182332d575437978593cda12ceca6ab4acf1c4b28accf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in netflixidentity (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 525e5909c4b766649da1482d75a1f0efac0baab424bffa4d8f8f99d00c8028fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pulse-feature-flag (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fad1549c9f60719931f740e56bfa68762b93275b97574f4d8d2c08aeedc71344 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sd-basket-highlight (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1eb99aa8736f7070c6e86b764bff3d6a3297cb10df44fa32ee65d1d7c3a74754 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in storefront-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f98f783cc760be758abd241914b7bb745e69248c87c20f1b84d14a522676413a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ty-fragment-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88bca7665eab3ba9300549f837880aea1567494c90187abacee03c85eaeb99e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ty-config-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6fdfad9d372aeb95a258e5f5c732b57d1d226d7101ccf09a33cd3eb93ab45d59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in puzzle-asset (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa20758e3fc1eaf5b167758e00f73f4f8cead459061a4971f7358e8aa7f436b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in netflixid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 959c71962643ba913ba0ec6bc9e5eb59a0b0546194ef23c12bbd7ba4996c60f5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in puzzle-render-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c63be86e7f93cd0f5f6663aa57978a4c6ff6b497ef1aafcddcdbea71e25fa02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in uipagain (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce51f32914790894849b4c106fc9daf33bdbf5fc2cce5fbe8629a73ff78d2cbc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in license-utils-kit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eb0116c55754c947c819c966f213a99864511536a414619cf3154b89be59f9e8 Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...
Malicious code in anduril-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a5cbc3053e38d3280b6e93548f32f64751b0499f79b439459b733d4ca88b426f During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...
Malicious code in unhandledrejection1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f2b4dcba608cf46c9d933fd9af75d42e1f10758f11890ea7afa67460e5c3ce1 The package unhandledrejection1 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @thiagoemmanuell/unhandledrejection (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c7b0d7b4bc457f62d681b55f8cd95c7759ad36fd6565ff2e3e0dd95a0faca97 The package @thiagoemmanuell/unhandledrejection was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @emilgroup/document-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ce75300fb34ac856a75eba90e2d05ccf97af99f2b5f9b3b907635991b3dcf95 The package @emilgroup/document-sdk-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in @emilgroup/discount-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d109da0bd9a556f8a45c44748a2ab182a550fb56fddcfe61b382a543801b94a The package @emilgroup/discount-sdk was found to contain malicious code. Source: ghsa-malware...
Malicious code in @emilgroup/task-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d10e089e1ab5774c571e6a0f5c650a044301456e9558509c051d38dce51eac73 The package @emilgroup/task-sdk-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in @emilgroup/document-uploader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9545035f18325efa93cf60c56ca9d4999961bde09a54893baf373ad5f5fa7b5 The package @emilgroup/document-uploader was found to contain malicious code. Source: ghsa-malware...
Malicious code in @airtm/uuid-base32 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5843013e1c89122451c17ec535f73c4e36dc3596c32522dd9b03bbb68637c4f3 The package @airtm/uuid-base32 was found to contain malicious code. Source: ghsa-malware...
Malicious code in cit-playwright-tests (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7b3ed19c372c719b1d1b35ada72bf080aa8bc45406114b8361a94360bf2eb48 The package cit-playwright-tests was found to contain malicious code. Source: ghsa-malware...
Malicious code in @emilgroup/task-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4aef8ca2987206595d5c54a2df6265669bdb67ca99915bb763ac38f2d6a46d7 The package @emilgroup/task-sdk was found to contain malicious code. Source: ghsa-malware...