T1059.007
Command and Scripting Interpreter: JavaScript
discovered 2024-11-04package.json postinstall runs node ./lib/core/eval.js; stage 1 retrieves remote JS and executes it via eval(), giving the attacker arbitrary runtime code delivery.
View on MITRE ATT&CKSeen in packages
- npm llm-oracleuses
- npm redis-oracleuses
- npm themes-vendoruses
- npm x509-escapinguses
- npm keycloak-serveruses
- npm module-stubuses
- npm postject-copyuses
- npm micrometer-docsuses
- npm orbit-playroomuses
- npm weekendfeuses
- npm chrome-api-utilsuses
- npm grafana-sentry-datasourceuses
- npm @patternfly-v5/patternflyuses
- npm electron-builder-13uses
- npm graphql.vscode-graphql-syntaxuses
- npm mattermost-cloudnative-bootstrapperuses
- npm nyc-configuses
- npm slf4j-api-jsuses
- npm express-cookie-parseruses
- npm eslint-config-prettieruses
- npm eslint-plugin-prettieruses
- npm snyckituses
- npm @pkgr/coreuses
- npm napi-postinstalluses
- npm tensorflowjsuses
- npm nxuses
- npm @nx/jsuses
- npm ansi-stylesuses
- npm debuguses
- npm chalkuses
- npm supports-coloruses
- npm strip-ansiuses
- npm ansi-regexuses
- npm wrap-ansiuses
- npm color-convertuses
- npm color-nameuses
- npm is-arrayishuses
- npm slice-ansiuses
- npm error-exuses
- npm color-stringuses
- npm simple-swizzleuses
- npm supports-hyperlinksuses
- npm has-ansiuses
- npm chalk-templateuses
- npm backslashuses
- npm @ctrl/tinycoloruses
- npm hyatt-residential-rosteruses
- npm hyatt-albumuses
- npm hyatt-avataruses
- npm @zapier/zapier-sdkuses
- npm @asyncapi/specsuses
- npm @quick-start-soft/quick-markdown-printuses
- npm @quick-start-soft/quick-markdownuses
- npm @quick-start-soft/quick-remove-image-backgrounduses
- npm @quick-start-soft/quick-git-clean-markdownuses
- npm @quick-start-soft/quick-document-translatoruses
- npm @quick-start-soft/quick-markdown-imageuses
- npm @quick-start-soft/quick-task-refineuses
- npm @asyncapi/modelinauses
- npm posthog-react-nativeuses
- npm posthog-nodeuses
- npm @postman/secret-scanner-wasmuses
- npm @postman/csv-parseuses
- npm @postman/node-keytaruses
- npm @postman/tunnel-agentuses
- npm @postman/wdio-allure-reporteruses
- npm @postman/postman-mcp-cliuses
- npm @postman/mcp-ui-clientuses
- npm @postman/wdio-junit-reporteruses
- npm @postman/pm-bin-macos-arm64uses
- npm @postman/pm-bin-linux-x64uses
- npm @postman/aether-iconsuses
- npm @Schedaero/shareduses
- npm pino-sdk-v2uses
- npm react-refresh-updateuses
- npm oc-aa-module-clientuses
- npm @wame/ngx-adfsuses
- npm @the-coca-cola-company/ngps-global-common-utilsuses
- npm cr-static-shared-componentsuses
- npm @ceeferenderer/fe-renderer-sdkuses
- npm axiosuses
- npm express-session-jsuses
- npm mgcuses
- npm strapi-plugin-cronuses
- npm strapi-plugin-configuses
- npm strapi-plugin-serveruses
- npm strapi-plugin-databaseuses
- npm strapi-plugin-coreuses
- npm strapi-plugin-hooksuses
- npm strapi-plugin-monitoruses
- npm strapi-plugin-eventsuses
- npm strapi-plugin-loggeruses
- npm strapi-plugin-healthuses
- npm strapi-plugin-syncuses
- npm strapi-plugin-seeduses
- npm strapi-plugin-localeuses
- npm strapi-plugin-formuses
- npm strapi-plugin-notifyuses
- npm strapi-plugin-apiuses
- npm strapi-plugin-sitemap-genuses
- npm strapi-plugin-nordica-toolsuses
- npm strapi-plugin-nordica-syncuses
- npm strapi-plugin-nordica-cmsuses
- npm strapi-plugin-nordica-apiuses
- npm strapi-plugin-nordica-reconuses
- npm strapi-plugin-nordica-stageuses
- npm strapi-plugin-nordica-vhostuses
- npm strapi-plugin-nordica-deepuses
- npm strapi-plugin-nordica-liteuses
- npm strapi-plugin-nordicauses
- npm strapi-plugin-finsevenuses
- npm strapi-plugin-hextestuses
- npm strapi-plugin-cms-toolsuses
- npm strapi-plugin-content-syncuses
- npm strapi-plugin-debug-toolsuses
- npm strapi-plugin-health-checkuses
- npm strapi-plugin-guardarian-extuses
- npm strapi-plugin-advanced-uuiduses
- npm strapi-plugin-blurhashuses
- npm @fairwords/websocketuses
- npm @fairwords/loopback-connector-esuses
- npm @fairwords/encryptionuses
- npm @velora-dex/sdkuses
- npm sjs-bigintegeruses
- npm sjs-lint-build1uses
- npm bjs-bigintegeruses
- npm bjs-lint-builderuses
- npm bjs-lint-buildersuses
- npm cjs-bigintegeruses
- npm ts-lint-buildsuses
- npm @genoma-ui/componentsuses
- npm rrweb-v1uses
- npm @needl-ai/commonuses
- npm dom-utils-liteuses
- npm centraloggeruses
- npm forge-jsxuses
- npm @johntaohunter/forge-jsxuses
- npm js-logger-packuses
- npm ixpresso-coreuses
- npm godsplanuses
- npm eyevoxuses
- npm @bitwarden/cliuses
- npm @cap-js/sqliteuses
- npm @cap-js/postgresuses
- npm @cap-js/db-serviceuses
- npm mbtuses
- npm npm-global-utiluses
- npm redeem-onchain-sdkuses
- npm exioussuses
- npm common-tg-serviceuses
- npm ams-sskuses
- npm node-env-resolveuses
- npm martinez-polygon-clipping-tonyuses
- npm noon-contractsuses
- npm @beproduct/nestjs-authuses
- npm @dirigible-ai/sdkuses
- npm @draftauth/clientuses
- npm @draftauth/coreuses
- npm @draftlab/authuses
- npm @draftlab/auth-routeruses
- npm @draftlab/dbuses
- npm @mesadev/restuses
- npm @mesadev/saguarouses
- npm @mesadev/sdkuses
- npm @mistralai/mistralaiuses
- npm @mistralai/mistralai-azureuses
- npm @mistralai/mistralai-gcpuses
- npm @ml-toolkit-ts/preprocessinguses
- npm @ml-toolkit-ts/xgboostuses
- npm @opensearch-project/opensearchuses
- npm @squawk/airport-datauses
- npm @squawk/airportsuses
- npm @squawk/airspaceuses
- npm @squawk/airspace-datauses
- npm @squawk/airway-datauses
- npm @squawk/airwaysuses
- npm @squawk/fix-datauses
- npm @squawk/fixesuses
- npm @squawk/flight-mathuses
- npm @squawk/flightplanuses
- npm @squawk/geouses
- npm @squawk/icao-registryuses
- npm @squawk/icao-registry-datauses
- npm @squawk/mcpuses
- npm @squawk/navaid-datauses
- npm @squawk/navaidsuses
- npm @squawk/notamsuses
- npm @squawk/procedure-datauses
- npm @squawk/proceduresuses
- npm @squawk/typesuses
- npm @squawk/unitsuses
- npm @squawk/weatheruses
- npm @supersurkhet/cliuses
- npm @supersurkhet/sdkuses
- npm @tallyui/componentsuses
- npm @tallyui/connector-medusauses
- npm @tallyui/connector-shopifyuses
- npm @tallyui/connector-vendureuses
- npm @tallyui/connector-woocommerceuses
- npm @tallyui/coreuses
- npm @tallyui/databaseuses
- npm @tallyui/posuses
- npm @tallyui/storage-sqliteuses
- npm @tallyui/themeuses
- npm @tanstack/arktype-adapteruses
- npm @tanstack/eslint-plugin-routeruses
- npm @tanstack/eslint-plugin-startuses
- npm @tanstack/historyuses
- npm @tanstack/nitro-v2-vite-pluginuses
- npm @tanstack/react-routeruses
- npm @tanstack/react-router-devtoolsuses
- npm @tanstack/react-router-ssr-queryuses
- npm @tanstack/react-startuses
- npm @tanstack/react-start-clientuses
- npm @tanstack/react-start-rscuses
- npm @tanstack/react-start-serveruses
- npm @tanstack/router-cliuses
- npm @tanstack/router-coreuses
- npm @tanstack/router-devtoolsuses
- npm @tanstack/router-devtools-coreuses
- npm @tanstack/router-generatoruses
- npm @tanstack/router-pluginuses
- npm @tanstack/router-ssr-query-coreuses
- npm @tanstack/router-utilsuses
- npm @tanstack/router-vite-pluginuses
- npm @tanstack/solid-routeruses
- npm @tanstack/solid-router-devtoolsuses
- npm @tanstack/solid-router-ssr-queryuses
- npm @tanstack/solid-startuses
- npm @tanstack/solid-start-clientuses
- npm @tanstack/solid-start-serveruses
- npm @tanstack/start-client-coreuses
- npm @tanstack/start-fn-stubsuses
- npm @tanstack/start-plugin-coreuses
- npm @tanstack/start-server-coreuses
- npm @tanstack/start-static-server-functionsuses
- npm @tanstack/start-storage-contextuses
- npm @tanstack/valibot-adapteruses
- npm @tanstack/virtual-file-routesuses
- npm @tanstack/vue-routeruses
- npm @tanstack/vue-router-devtoolsuses
- npm @tanstack/vue-router-ssr-queryuses
- npm @tanstack/vue-startuses
- npm @tanstack/vue-start-clientuses
- npm @tanstack/vue-start-serveruses
- npm @tanstack/zod-adapteruses
- npm @taskflow-corp/cliuses
- npm @tolka/cliuses
- npm @uipath/access-policy-sdkuses
- npm @uipath/access-policy-tooluses
- npm @uipath/admin-tooluses
- npm @uipath/agent-sdkuses
- npm @uipath/agent-tooluses
- npm @uipath/agent.sdkuses
- npm @uipath/aops-policy-tooluses
- npm @uipath/ap-chatuses
- npm @uipath/api-workflow-tooluses
- npm @uipath/apollo-coreuses
- npm @uipath/apollo-reactuses
- npm @uipath/apollo-winduses
- npm @uipath/authuses
- npm @uipath/case-tooluses
- npm @uipath/cliuses
- npm @uipath/codedagent-tooluses
- npm @uipath/codedagents-tooluses
- npm @uipath/codedapp-tooluses
- npm @uipath/commonuses
- npm @uipath/context-grounding-tooluses
- npm @uipath/data-fabric-tooluses
- npm @uipath/docsai-tooluses
- npm @uipath/filesystemuses
- npm @uipath/flow-tooluses
- npm @uipath/functions-tooluses
- npm @uipath/gov-tooluses
- npm @uipath/identity-tooluses
- npm @uipath/insights-sdkuses
- npm @uipath/insights-tooluses
- npm @uipath/integrationservice-sdkuses
- npm @uipath/integrationservice-tooluses
- npm @uipath/llmgw-tooluses
- npm @uipath/maestro-sdkuses
- npm @uipath/maestro-tooluses
- npm @uipath/orchestrator-tooluses
- npm @uipath/packager-tool-apiworkflowuses
- npm @uipath/packager-tool-bpmnuses
- npm @uipath/packager-tool-caseuses
- npm @uipath/packager-tool-connectoruses
- npm @uipath/packager-tool-flowuses
- npm @uipath/packager-tool-functionsuses
- npm @uipath/packager-tool-webappuses
- npm @uipath/packager-tool-workflowcompileruses
- npm @uipath/packager-tool-workflowcompiler-browseruses
- npm @uipath/platform-tooluses
- npm @uipath/project-packageruses
- npm @uipath/resource-tooluses
- npm @uipath/resourcecatalog-tooluses
- npm @uipath/resources-tooluses
- npm @uipath/robotuses
- npm @uipath/rpa-legacy-tooluses
- npm @uipath/rpa-tooluses
- npm @uipath/solution-packageruses
- npm @uipath/solution-tooluses
- npm @uipath/solutionpackager-sdkuses
- npm @uipath/solutionpackager-tool-coreuses
- npm @uipath/tasks-tooluses
- npm @uipath/telemetryuses
- npm @uipath/test-manager-tooluses
- npm @uipath/tool-workflowcompileruses
- npm @uipath/traces-tooluses
- npm @uipath/ui-widgets-multi-file-uploaduses
- npm @uipath/uipath-python-bridgeuses
- npm @uipath/vertical-solutions-tooluses
- npm @uipath/vssuses
- npm @uipath/widget.sdkuses
- npm agentwork-cliuses
- npm cmux-agent-mcpuses
- npm cross-stitchuses
- npm git-branch-selectoruses
- npm git-git-gituses
- npm ml-toolkit-tsuses
- npm nextmove-mcpuses
- npm safe-actionuses
- npm ts-dnauses
- npm wot-apiuses
- npm iceberg-javascriptuses
- npm supabase-javascriptuses
- npm auth-javascriptuses
- npm microsoft-applicationinsights-commonuses
- npm ms-graph-typesuses
- npm node-ipcuses
- npm ai-figureuses
- npm amapcnuses
- npm @antv/a8uses
- npm @antv/adjustuses
- npm @antv/algorithmuses
- npm @antv/async-hookuses
- npm @antv/attruses
- npm @antv/avauses
- npm @antv/ava-reactuses
- npm @antv/awardsuses
- npm @antv/calendar-heatmapuses
- npm @antv/chart-linteruses
- npm @antv/chart-node-g6uses
- npm @antv/chart-visualization-skillsuses
- npm @antv/ckbuses
- npm @antv/color-schemauses
- npm @antv/color-utiluses
- npm @antv/componentuses
- npm @antv/coorduses
- npm @antv/d3-coloruses
- npm @antv/d3-interpolateuses
- npm @antv/data-samplesuses
- npm @antv/data-setuses
- npm @antv/data-wizarduses
- npm @antv/dipper-componentuses
- npm @antv/dipper-hooksuses
- npm @antv/dipper-mapuses
- npm @antv/dom-utiluses
- npm @antv/dumi-theme-antvuses
- npm @antv/dw-analyzeruses
- npm @antv/dw-randomuses
- npm @antv/dw-transformuses
- npm @antv/dw-utiluses
- npm @antv/event-emitteruses
- npm @antv/expruses
- npm @antv/f2uses
- npm @antv/f2-algorithmuses
- npm @antv/f2-canvasuses
- npm @antv/f2-contextuses
- npm @antv/f2-graphicuses
- npm @antv/f2-myuses
- npm @antv/f2-reactuses
- npm @antv/f2-siteuses
- npm @antv/f2-vueuses
- npm @antv/f2-wordclouduses
- npm @antv/f2-wxuses
- npm @antv/f6uses
- npm @antv/f6-alipayuses
- npm @antv/f6-coreuses
- npm @antv/f6-elementuses
- npm @antv/f6-hammerjsuses
- npm @antv/f6-pluginuses
- npm @antv/f6-uiuses
- npm @antv/f6-wxuses
- npm @antv/f-chartsuses
- npm @antv/f-engineuses
- npm @antv/f-lottieuses
- npm @antv/f-myuses
- npm @antv/f-reactuses
- npm @antv/f-test-utilsuses
- npm @antv/f-vueuses
- npm @antv/f-wxuses
- npm @antv/g2uses
- npm @antv/g2-brushuses
- npm @antv/g2-extension-3duses
- npm @antv/g2-extension-avauses
- npm @antv/g2-extension-plotuses
- npm @antv/g2plotuses
- npm @antv/g2plot-schemasuses
- npm @antv/g2-plugin-slideruses
- npm @antv/g2-ssruses
- npm @antv/guses
- npm @antv/g6uses
- npm @antv/g6-alipayuses
- npm @antv/g6-cliuses
- npm @antv/g6-coreuses
- npm @antv/g6-editoruses
- npm @antv/g6-elementuses
- npm @antv/g6-extension-3duses
- npm @antv/g6-extension-reactuses
- npm @antv/g6-mobileuses
- npm @antv/g6-pcuses
- npm @antv/g6-pluginuses
- npm @antv/g6-plugin-map-viewuses
- npm @antv/g6-pluginsuses
- npm @antv/g6-react-nodeuses
- npm @antv/g6-ssruses
- npm @antv/g6-wxuses
- npm @antv/gatsby-themeuses
- npm @antv/g-baseuses
- npm @antv/g-camera-apiuses
- npm @antv/g-canvasuses
- npm @antv/g-canvaskituses
- npm @antv/g-compatuses
- npm @antv/g-componentsuses
- npm @antv/g-css-layout-apiuses
- npm @antv/g-css-typed-om-apiuses
- npm @antv/g-device-apiuses
- npm @antv/g-dom-mutation-observer-apiuses
- npm @antv/geo-coorduses
- npm @antv/g-gestureuses
- npm @antv/gi-assets-advanceuses
- npm @antv/gi-assets-algorithmuses
- npm @antv/gi-assets-basicuses
- npm @antv/gi-assets-galaxybaseuses
- npm @antv/gi-assets-graphscopeuses
- npm @antv/gi-assets-hugegraphuses
- npm @antv/gi-assets-janusgraphuses
- npm @antv/gi-assets-neo4juses
- npm @antv/gi-assets-sceneuses
- npm @antv/gi-assets-tugraphuses
- npm @antv/gi-assets-tugraph-analyticsuses
- npm @antv/gi-assets-xlabuses
- npm @antv/gi-cliuses
- npm @antv/gi-common-componentsuses
- npm @antv/g-image-exporteruses
- npm @antv/gi-mock-datauses
- npm @antv/gi-public-datauses
- npm @antv/gi-sdkuses
- npm @antv/gi-sdk-appuses
- npm @antv/gi-theme-antduses
- npm @antv/github-config-cliuses
- npm @antv/g-layout-blocklikeuses
- npm @antv/g-liteuses
- npm @antv/gl-matrixuses
- npm @antv/g-lottie-playeruses
- npm @antv/g-mathuses
- npm @antv/g-mobileuses
- npm @antv/g-mobile-canvasuses
- npm @antv/g-mobile-canvas-elementuses
- npm @antv/g-mobile-svguses
- npm @antv/g-mobile-webgluses
- npm @antv/g-patternuses
- npm @antv/g-perfuses
- npm @antv/g-plugin-3duses
- npm @antv/g-plugin-a11yuses
- npm @antv/g-plugin-annotationuses
- npm @antv/g-plugin-box2duses
- npm @antv/g-plugin-canvaskit-rendereruses
- npm @antv/g-plugin-canvas-path-generatoruses
- npm @antv/g-plugin-canvas-pickeruses
- npm @antv/g-plugin-canvas-rendereruses
- npm @antv/g-plugin-controluses
- npm @antv/g-plugin-css-selectuses
- npm @antv/g-plugin-device-rendereruses
- npm @antv/g-plugin-dom-interactionuses
- npm @antv/g-plugin-dragndropuses
- npm @antv/g-plugin-gestureuses
- npm @antv/g-plugin-gpgpuuses
- npm @antv/g-plugin-html-rendereruses
- npm @antv/g-plugin-image-loaderuses
- npm @antv/g-plugin-matterjsuses
- npm @antv/g-plugin-mobile-interactionuses
- npm @antv/g-plugin-physxuses
- npm @antv/g-plugin-rough-canvas-rendereruses
- npm @antv/g-plugin-rough-svg-rendereruses
- npm @antv/g-plugin-svg-pickeruses
- npm @antv/g-plugin-svg-rendereruses
- npm @antv/g-plugin-webgl-deviceuses
- npm @antv/g-plugin-webgl-rendereruses
- npm @antv/g-plugin-webgpu-deviceuses
- npm @antv/g-plugin-yogauses
- npm @antv/g-plugin-zdog-canvas-rendereruses
- npm @antv/g-plugin-zdog-svg-rendereruses
- npm @antv/gpt-visuses
- npm @antv/gpt-vis-ssruses
- npm @antv/graphinuses
- npm @antv/graphin-componentsuses
- npm @antv/graphin-graphscopeuses
- npm @antv/graphin-iconsuses
- npm @antv/graphlibuses
- npm @antv/g-shader-componentsuses
- npm @antv/g-svguses
- npm @antv/g-web-animations-apiuses
- npm @antv/g-web-componentsuses
- npm @antv/g-webgluses
- npm @antv/g-webgl-computeuses
- npm @antv/g-webgpuuses
- npm @antv/g-webgpu-compileruses
- npm @antv/g-webgpu-coreuses
- npm @antv/g-webgpu-engineuses
- npm @antv/g-webgpu-raytraceruses
- npm @antv/g-webgpu-unitchartuses
- npm @antv/hierarchyuses
- npm @antv/infographicuses
- npm @antv/insight-componentuses
- npm @antv/interactionuses
- npm @antv/istanbuluses
- npm @antv/knowledgeuses
- npm @antv/l7uses
- npm @antv/l7-componentuses
- npm @antv/l7-composite-layersuses
- npm @antv/l7-coreuses
- npm @antv/l7-districtuses
- npm @antv/l7-drawuses
- npm @antv/l7-editoruses
- npm @antv/l7-extension-g-layeruses
- npm @antv/l7-layersuses
- npm @antv/l7-leafletuses
- npm @antv/l7-mapuses
- npm @antv/l7-mapkituses
- npm @antv/l7-mapsuses
- npm @antv/l7-miniuses
- npm @antv/l7-passuses
- npm @antv/l7plotuses
- npm @antv/l7plot-componentuses
- npm @antv/l7-reactuses
- npm @antv/l7-rendereruses
- npm @antv/l7-sceneuses
- npm @antv/l7-sourceuses
- npm @antv/l7-threeuses
- npm @antv/l7-utilsuses
- npm @antv/larkmapuses
- npm @antv/layout-gpuuses
- npm @antv/layout-wasmuses
- npm @antv/li-aiearth-assetsuses
- npm @antv/li-analysis-assetsuses
- npm @antv/li-core-assetsuses
- npm @antv/li-editoruses
- npm @antv/li-p2uses
- npm @antv/li-sam-assetsuses
- npm @antv/li-sdkuses
- npm @antv/lite-insightuses
- npm @antv/matrix-utiluses
- npm @antv/mcp-server-antvuses
- npm @antv/mcp-server-chartuses
- npm @antv/my-f2uses
- npm @antv/my-f2-pcuses
- npm @antv/narrative-text-editoruses
- npm @antv/narrative-text-schemauses
- npm @antv/narrative-text-visuses
- npm @antv/path-utiluses
- npm @antv/react-guses
- npm @antv/s2uses
- npm @antv/s2-reactuses
- npm @antv/s2-react-componentsuses
- npm @antv/s2-ssruses
- npm @antv/s2-vueuses
- npm @antv/samuses
- npm @antv/scaleuses
- npm @antv/semantic-release-pnpmuses
- npm @antv/smart-coloruses
- npm @antv/statuses
- npm @antv/t8uses
- npm @antv/thumbnailsuses
- npm @antv/thumbnails-componentuses
- npm @antv/torchuses
- npm @antv/translatoruses
- npm @antv/utiluses
- npm @antv/vendoruses
- npm @antv/vis-predict-engineuses
- npm @antv/webgpu-graphuses
- npm @antv/word-scale-chartuses
- npm @antv/wx-f2uses
- npm @antv/x6uses
- npm @antv/x6-angular-shapeuses
- npm @antv/x6-commonuses
- npm @antv/x6-componentsuses
- npm @antv/x6-geometryuses
- npm @antv/x6-plugin-clipboarduses
- npm @antv/x6-plugin-dnduses
- npm @antv/x6-plugin-exportuses
- npm @antv/x6-plugin-historyuses
- npm @antv/x6-plugin-keyboarduses
- npm @antv/x6-plugin-minimapuses
- npm @antv/x6-plugin-scrolleruses
- npm @antv/x6-plugin-selectionuses
- npm @antv/x6-plugin-snaplineuses
- npm @antv/x6-plugin-stenciluses
- npm @antv/x6-plugin-transformuses
- npm @antv/x6-reactuses
- npm @antv/x6-react-componentsuses
- npm @antv/x6-react-shapeuses
- npm @antv/x6-vectoruses
- npm @antv/x6-vue3-shapeuses
- npm @antv/x6-vue-shapeuses
- npm @antv/xflowuses
- npm @antv/xflow-coreuses
- npm @antv/xflow-diffuses
- npm @antv/xflow-extensionuses
- npm @antv/xflow-hookuses
- npm ast-pluginuses
- npm babel-plugin-versionuses
- npm boring-avatars-vanillauses
- npm byte-parseruses
- npm canvas-nest.jsuses
- npm echarts-for-reactuses
- npm filesize.jsuses
- npm fixed-rounduses
- npm gantt-for-reactuses
- npm jest-canvas-mockuses
- npm jest-date-mockuses
- npm jest-electronuses
- npm jest-expectuses
- npm jest-less-loaderuses
- npm jest-random-mockuses
- npm jest-url-loaderuses
- npm limit-sizeuses
- npm lint-mduses
- npm lint-md-cliuses
- npm @lint-md/cliuses
- npm @lint-md/coreuses
- npm @lint-md/parseruses
- npm mcp-echartsuses
- npm mcp-mermaiduses
- npm mizuses
- npm onfire.jsuses
- npm react-adsenseuses
- npm relationship.jsuses
- npm ribbon.jsuses
- npm size-sensoruses
- npm slice.jsuses
- npm timeago.jsuses
- npm timeago-reactuses
- npm uri-parseuses
- npm word-widthuses
- npm xmorseuses
- npm art-templateuses
- npm polymarket-trading-cliuses
- npm polymarket-terminaluses
- npm polymarket-tradeuses
- npm polymarket-auto-tradeuses
- npm polymarket-copy-tradinguses
- npm polymarket-botuses
- npm polymarket-claude-codeuses
- npm polymarket-ai-agentuses
- npm polymarket-traderuses
- npm forge-jsxyuses
- npm @cloudplatform-single-spa/billinguses
- npm faster-axiosuses
- npm turbo-axiosuses
- npm @redhat-cloud-services/patch-clientuses
Campaigns
- No Specific Campaignattributed-to
- Enterprise Dependency Confusionattributed-to
- eslint-config-prettier Compromiseattributed-to
- s1ngularity nx Build System Compromiseattributed-to
- qix npm Account Compromiseattributed-to
- Shai-Huludattributed-to
- Strapi Plugin C2 Campaignattributed-to
- fairwords Credential Wormattributed-to
- big.js Typosquat SSH Backdoorattributed-to
- tanvisoul9 npm Backdoorsattributed-to
- forge-jsx RATattributed-to
- Contagious Interviewattributed-to
- fucktestpad npm Malwareattributed-to
- TeamPCPattributed-to
- Mini Shai-Huludattributed-to
- Crypto Wallet Drainersattributed-to
- shetty123 Telegram Hijackattributed-to
- Claude Code Hook Backdoorsattributed-to
- oob-moika-tech-depconf-2026attributed-to
- Epsilon Axios Typosquat Campaignattributed-to
- Miasma: The Spreading Blightattributed-to
