THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
Risk score
92
AI summary
Indexed incident for worker-build (npm).
Description
The OpenSSF Package Analysis project identified 'worker-build' @ 9.0.1 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
Technical details
Affected versions
=9.0.1
Indicators
- affected version=9.0.175%
Timeline
- Advisory published
- Indexed by ThreatPkg
Related incidents
- Malicious code in ecto-corsair-whisper-6f3b9 (npm)ecto-corsair-whisper-6f3b992
- Malicious code in @tt-aem-tt4a/shared-components (npm)@tt-aem-tt4a/shared-components92
- Malicious code in @whatnot-web/www-legacy (npm)@whatnot-web/www-legacy92
- Malicious code in vite-tsconfig (npm)vite-tsconfig92
- Malicious code in webpack-patch (npm)webpack-patch92