THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
Risk score
92
AI summary
Indexed incident for sorenson-webfonts (npm).
Description
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (ebdc541a49aeb340c75d6a96abee6465496dc22a04e82be2f03b85b2be1c3881)
The OpenSSF Package Analysis project identified 'sorenson-webfonts' @ 99.9.1 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
Technical details
Affected versions
<function fixed() { [native code] }
Indicators
- affected_version<function fixed() { [native code] }75%
Timeline
- Advisory published
- Indexed by ThreatPkg
Related incidents
- Malicious code in lib-1779997093-yjeeqn (PyPI)lib-1779997093-yjeeqn92
- Malicious code in @neon-i18n/core-ui (npm)@neon-i18n/core-ui92
- Malicious code in my-test-package-2025-xyz (PyPI)my-test-package-2025-xyz92
- Malicious code in @polka-ui/config (npm)@polka-ui/config92
- Malicious code in editorial-code (npm)editorial-code92