THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
criticalnpm·malware·osv
Malicious code in @att-ebiz/abs-components-bc (npm)
Risk score
92
AI summary
Indexed incident for @att-ebiz/abs-components-bc (npm).
Description
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (d9d4d8606057fc579fbbc6ede648c88bb580827838850f589e8887c1dd374a39)
The OpenSSF Package Analysis project identified '@att-ebiz/abs-components-bc' @ 99.9.1 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
Technical details
Affected versions
<function fixed() { [native code] }
Indicators
- affected_version<function fixed() { [native code] }75%
Timeline
- Advisory published
- Indexed by ThreatPkg
Related incidents
- Malicious code in fundraiserserv (npm)fundraiserserv92
- Malicious code in vg-interaction-model (npm)vg-interaction-model92
- Malicious code in sourceflow-tracker (npm)sourceflow-tracker92
- Malicious code in page-info-service (npm)page-info-service92
- Malicious code in po-ops-local-dev (npm)po-ops-local-dev92