The following list includes NPM packages that were updated or published in the last 7 days and have been identified as malicious by the Sysdig Threat Research Team based on dynamic analysis.
-
string-setup-helper, 1.0.22, monthly downloads 2133.
Suspicious domain found: api.ipify.org
Rules triggered:- DNS Lookup for Reconnaissance Service Detected (Sysdig Runtime Notable Events)
-
string-setup-helper, 1.0.28, monthly downloads 2133.
Suspicious domain found: api.ipify.org
Rules triggered:- DNS Lookup for Reconnaissance Service Detected (Sysdig Runtime Notable Events)
-
string-setup-helper, 1.0.19, monthly downloads 2133.
Suspicious domain found: api.ipify.org
Rules triggered:- DNS Lookup for Reconnaissance Service Detected (Sysdig Runtime Notable Events)
-
string-setup-helper, 1.0.18, monthly downloads 2133.
Suspicious domain found: api.ipify.org
Rules triggered:- DNS Lookup for Reconnaissance Service Detected (Sysdig Runtime Notable Events)
-
string-setup-helper, 1.0.16, monthly downloads 2133.
Suspicious domain found: api.ipify.org
Rules triggered:- DNS Lookup for Reconnaissance Service Detected (Sysdig Runtime Notable Events)
-
tombac-icons, 1.5.9, monthly downloads 1559.
Rules triggered:- Privileged Shell Spawned Inside Container (Sysdig Runtime Notable Events)
-
tombac-icons, 1.4.9, monthly downloads 1559.
Rules triggered:- Privileged Shell Spawned Inside Container (Sysdig Runtime Notable Events)
-
tombac-icons, 1.3.9, monthly downloads 1559.
Rules triggered:- Privileged Shell Spawned Inside Container (Sysdig Runtime Notable Events)
-
tombac-icons, 1.2.9, monthly downloads 1559.
Rules triggered:- Privileged Shell Spawned Inside Container (Sysdig Runtime Notable Events)
-
tombac-icons, 1.0.8, monthly downloads 1559.
Rules triggered:- Privileged Shell Spawned Inside Container (Sysdig Runtime Notable Events)
-
tombac-icons, 1.0.6, monthly downloads 1559.
Rules triggered:- Privileged Shell Spawned Inside Container (Sysdig Runtime Notable Events)
-
tombac-icons, 1.0.4, monthly downloads 1559.
Rules triggered:- Privileged Shell Spawned Inside Container (Sysdig Runtime Notable Events)
-
tombac-icons, 1.0.2, monthly downloads 1559.
Rules triggered:- Privileged Shell Spawned Inside Container (Sysdig Runtime Notable Events)
-
gx-ui-common, 1.2.68, monthly downloads 933.
Suspicious domain found: 07afd61f5c293f94.sc8xtubb9xcmd9vnn91r9oy79yft3kr9.oastify.com, sc8xtubb9xcmd9vnn91r9oy79yft3kr9.oastify.com
Rules triggered:- DNS Lookup for Offensive Security Tool Domain Detected (Sysdig Runtime Threat Intelligence)
-
gx-ui-common, 1.2.67, monthly downloads 933.
Suspicious domain found: 38053572bba7e0bf.sc8xtubb9xcmd9vnn91r9oy79yft3kr9.oastify.com, sc8xtubb9xcmd9vnn91r9oy79yft3kr9.oastify.com
Rules triggered:- DNS Lookup for Offensive Security Tool Domain Detected (Sysdig Runtime Threat Intelligence)
-
gx-ui-common, 1.2.66, monthly downloads 933.
Suspicious domain found: a8dd0aa60bc60aa0.bl0g2dkuigl5ms46wsaai77qihobc30s.oastify.com, bl0g2dkuigl5ms46wsaai77qihobc30s.oastify.com
Rules triggered:- DNS Lookup for Offensive Security Tool Domain Detected (Sysdig Runtime Threat Intelligence)
-
gx-ui-common, 1.2.65, monthly downloads 933.
Suspicious domain found: kc0ptmb39pced1vfn11j9gyz9qfj39ry.oastify.com
Rules triggered:- DNS Lookup for Offensive Security Tool Domain Detected (Sysdig Runtime Threat Intelligence)
-
react-markdown-v7, 1.3.9, monthly downloads 917.
Suspicious domain found: o8x63cbgpx6f2se77ecl8i2g97fy3tri.oastify.com
Rules triggered:- DNS Lookup for Offensive Security Tool Domain Detected (Sysdig Runtime Threat Intelligence)
-
teshf, 1939.0.0, monthly downloads 870.
Suspicious domain found: teshf.unhsfnnralonzbjxqyvdsskrwlbg27zue.oast.fun
Rules triggered:- Network Tool Executed During NPM Install (Sysdig Runtime Threat Detection)
- DNS Lookup for Offensive Security Tool Domain Detected (Sysdig Runtime Threat Intelligence)
-
teshf, 1339.0.0, monthly downloads 870.
Suspicious domain found: teshf.unhsfnnralonzbjxqyvdsskrwlbg27zue.oast.fun