A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.
Apache License 2.0
Adds report for stablecoin-evm (NPM) and xloportailcfn (NPM) #510
Adds report for stablecoin-evm (NPM) and xloportailcfn (NPM). Both contain code that obtains host OS information and POSTs it to an unknown URL.
Both packages have been reported to NPM.