THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
Risk score
92
AI summary
Indexed incident for brave-search-mcp-server (npm).
Description
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (d7d65e78a73a4cc2064d0ab9210a76c7c55f69553b70879dd649d7ad84e48dc0)
The OpenSSF Package Analysis project identified 'brave-search-mcp-server' @ 1.0.0 (npm) as malicious.
It is considered malicious because:
The package communicates with a domain associated with malicious activity.
The package executes one or more commands associated with malicious behavior.
Technical details
Affected versions
<function fixed() { [native code] }
Indicators
- affected_version<function fixed() { [native code] }75%
Timeline
- Advisory published
- Indexed by ThreatPkg
Related incidents
- Malicious code in fundraiserserv (npm)fundraiserserv92
- Malicious code in vg-interaction-model (npm)vg-interaction-model92
- Malicious code in sourceflow-tracker (npm)sourceflow-tracker92
- Malicious code in page-info-service (npm)page-info-service92
- Malicious code in po-ops-local-dev (npm)po-ops-local-dev92