A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.
Apache License 2.0
231
stars
21
forks
source link
Adds report for mcft_client (NPM) and wdio-api-client (NPM) #512
Adds report for mcft_client (NPM) and wdio-api-client (NPM).
Both packages communicate with an unknown host after obtaining OS/localhost information. Both packages have been reported to NPM.