THREATPKG
SYNC STALE
Supply-chain threat intelligence
Incident detail
criticalnpm·malware·osv
Malicious code in @tt-aem-tt4a/shared-components (npm)
Risk score
92
AI summary
Indexed incident for @tt-aem-tt4a/shared-components (npm).
Description
The OpenSSF Package Analysis project identified '@tt-aem-tt4a/shared-components' @ 10.0.0 (npm) as malicious.
It is considered malicious because:
- The package communicates with a domain associated with malicious activity.
Technical details
Affected versions
=10.0.0
Indicators
- affected version=10.0.075%
Timeline
- Advisory published
- Indexed by ThreatPkg
Related incidents
- Malicious code in worker-build (npm)worker-build92
- Malicious code in ecto-corsair-whisper-6f3b9 (npm)ecto-corsair-whisper-6f3b992
- Malicious code in @whatnot-web/www-legacy (npm)@whatnot-web/www-legacy92
- Malicious code in vite-tsconfig (npm)vite-tsconfig92
- Malicious code in webpack-patch (npm)webpack-patch92