THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
Risk score
92
AI summary
Indexed incident for sourceflow-tracker (npm).
Description
-= Per source details. Do not edit below this line.=-
Source: ossf-package-analysis (1699207dcb748d9894d27585d5e49f48e906eae167d75434c15cd15f1aeb5502)
The OpenSSF Package Analysis project identified 'sourceflow-tracker' @ 99.91.9 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
Technical details
Affected versions
<function fixed() { [native code] }
Indicators
- affected_version<function fixed() { [native code] }75%
Timeline
- Advisory published
- Indexed by ThreatPkg
Related incidents
- Malicious code in fundraiserserv (npm)fundraiserserv92
- Malicious code in vg-interaction-model (npm)vg-interaction-model92
- Malicious code in page-info-service (npm)page-info-service92
- Malicious code in po-ops-local-dev (npm)po-ops-local-dev92
- Malicious code in @att-ebiz/abs-components-bc (npm)@att-ebiz/abs-components-bc92