mal-2026-4288
Vulnerability from ossf_malicious_packages
Published
2026-05-21 18:52
Modified
2026-05-26 05:55
Summary
Malicious code in @jaggle/resizeobserves (npm)
Details
-= Per source details. Do not edit below this line.=-
Source: amazon-inspector (3fe4b050d79ecfc702c9222cf3347e49d4530efd23a2120ee040ef32e0a76e4f)
Package name impersonates the popular @juggle/resize-observer (j→j substitution and pluralized 'resizeobserves') and the README is copied verbatim from the legitimate package, but the tarball ships an unrelated Python module (clipboard_guardian) that has nothing to do with a ResizeObserver polyfill. The postinstall hook (npm-install.cjs) bootstraps Python and pip on the installer's machine — attempting privileged installs via sudo -n / pkexec apt-get / pacman / dnf, falling back to fetching get-pip.py from bootstrap.pypa.io — then runs pip install --break-system-packages on the bundled clipper, and finally writes a persistent autostart entry under a disguised name: a systemd user unit python3-dbus-helper.service on Linux, a com.apple.python.runtime.plist LaunchAgent on macOS, or an HKCU\...\Run\PyRuntimeBroker value on Windows. Once running, clipboard_guardian/guardian.py monitors the user's clipboard, matches outgoing content against regexes for 40+ blockchains, and silently replaces any detected wallet address with one of the attacker's hardcoded wallets (e.g., ethereum 0x450c0E58Fc2ba03632d3F5780ad8C966648B6F18, bitcoin bc1qs2mpls4p0f7fng073gy2rcdgjpf7la4eugpt6y, plus monero/etc.) — any crypto payment the victim copies is redirected to the attacker. The daemon further disguises itself via setproctitle('python3-dbus-helper' / 'com.apple.python.runtime') and SetConsoleTitleW('Python Runtime Broker') to blend with OS components, ships an anti-clipper cover story in pyproject.toml while being the clipper itself, and contains an is_monitor_running() routine that pauses substitution when task managers / process explorers (taskmgr, procexp, procmon, ProcessHacker, Activity Monitor, htop, btop, gnome-system-monitor, etc.) are detected. The combination of typosquat naming, install-time privileged persistence, hardcoded attacker wallets, and explicit anti-analysis logic makes intent unambiguous.
Source: ossf-package-analysis (954b112d434a28b13673c4ee516cd4f348148683727ee498290bbd5666a8262b)
The OpenSSF Package Analysis project identified '@jaggle/resizeobserves' @ 1.0.11 (npm) as malicious.
It is considered malicious because:
- The package executes one or more commands associated with malicious behavior.
CWE
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
- CWE-506 - The product contains code that appears to be malicious in nature.
{
"affected": [
{
"database_specific": {
"cwes": [
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
},
{
"cweId": "CWE-506",
"description": "The product contains code that appears to be malicious in nature.",
"name": "Embedded Malicious Code"
}
],
"indicators": {
"domains": [
"bootstrap.pypa.io"
],
"evidence_files": [
{
"path": "clipboard_guardian/guardian.py",
"sha256": "3cde686b9001cb99f18f9c0e92b0e01985849d22f2dee2bd891a7c9e3e164d8c",
"tlsh": "ae727404e965dc63c2d2644a0c92c4a276a46fab5d1424787ffec13c9f9e13fb0b926d"
},
{
"path": "npm-install.cjs",
"sha256": "de03198c52dbe627954d5761ff3439f7a75eb98de48084784ae272312d83a520",
"tlsh": "a8422a8592b5a97cc8f3a26e6687542b01558c1f3601f89cb9bea0dc1f0b139437b73e"
}
],
"package_integrity": [
{
"filename": "resizeobserves-1.0.17.tgz",
"hashes": {
"sha1": "5e0904abd2397cb5ef9029f7bec09e8b5136722d",
"sha512_sri": "sha512-KWRLPAWjwEcxHg5jFZEtjSBgZC8XkiJ+juG3kEyFi/iod5RfpYKYvRy+37AON0SvcrrKTq+3YPAMI4Yb9nBrjw=="
}
}
]
}
},
"package": {
"ecosystem": "npm",
"name": "@jaggle/resizeobserves"
},
"versions": [
"1.0.11",
"1.0.10",
"1.0.19",
"1.0.15",
"1.0.14",
"1.0.18",
"1.0.17",
"1.0.20",
"1.0.4",
"1.0.6",
"1.0.9",
"1.0.12",
"1.0.8",
"1.0.5",
"1.0.16",
"1.0.0",
"1.0.13",
"1.0.1",
"1.0.3",
"1.0.2"
]
}
],
"credits": [
{
"contact": [
"actran@amazon.com"
],
"name": "Amazon Inspector",
"type": "FINDER"
},
{
"contact": [
"https://github.com/ossf/package-analysis",
"https://openssf.slack.com/channels/package_analysis"
],
"name": "OpenSSF: Package Analysis",
"type": "FINDER"
}
],
"database_specific": {
"malicious-packages-origins": [
{
"import_time": "2026-05-24T21:49:25.425730591Z",
"modified_time": "2026-05-24T20:52:53Z",
"sha256": "954b112d434a28b13673c4ee516cd4f348148683727ee498290bbd5666a8262b",
"source": "ossf-package-analysis",
"versions": [
"1.0.11"
]
},
{
"import_time": "2026-05-24T21:49:25.275199388Z",
"modified_time": "2026-05-24T20:28:03Z",
"sha256": "c81330cdb673a711212c2d4555fa7c6ff4b23f39c661acf43f2246878e3b2cf8",
"source": "ossf-package-analysis",
"versions": [
"1.0.10"
]
},
{
"import_time": "2026-05-26T00:54:39.528528353Z",
"modified_time": "2026-05-25T13:41:50Z",
"sha256": "4841ed2c5f4542477b240882aa1dc31e3ed6f7a2f9324f2256ea2404b982d5ae",
"source": "ossf-package-analysis",
"versions": [
"1.0.19"
]
},
{
"import_time": "2026-05-26T00:54:39.259679794Z",
"modified_time": "2026-05-25T12:45:48Z",
"sha256": "74a40f9bd9c9682d2fdbb798a9e2a54c1754c6613b9dfddff6b9c3f863f247dd",
"source": "ossf-package-analysis",
"versions": [
"1.0.15"
]
},
{
"import_time": "2026-05-26T00:54:39.12205977Z",
"modified_time": "2026-05-25T11:53:58Z",
"sha256": "eca8f4dfc69ae63454b3cb308e998d11bc40e882d4b907257f956035dc68ce01",
"source": "ossf-package-analysis",
"versions": [
"1.0.14"
]
},
{
"import_time": "2026-05-26T00:54:39.376312079Z",
"modified_time": "2026-05-25T13:37:54Z",
"sha256": "1fd2a2937a0a584663b33366d27dfa0e859430fad8ff3c9ce4e46b200a8bac87",
"source": "ossf-package-analysis",
"versions": [
"1.0.18"
]
},
{
"id": "IN-MAL-2026-004643",
"import_time": "2026-05-26T05:53:00.491054742Z",
"modified_time": "2026-05-25T12:53:24Z",
"sha256": "273e4db6f8ac9edc5feec992ae8204f378497578fdbe1c33fcb6b6aed4892b23",
"source": "amazon-inspector",
"versions": [
"1.0.17"
]
},
{
"id": "IN-MAL-2026-004655",
"import_time": "2026-05-26T05:53:01.801333912Z",
"modified_time": "2026-05-25T13:53:51Z",
"sha256": "45af71459572175c80d3f4bb8aca2bb9b255ae6f5a3686257941136b2d66512d",
"source": "amazon-inspector",
"versions": [
"1.0.20"
]
},
{
"id": "IN-MAL-2026-004012",
"import_time": "2026-05-26T05:51:46.118353596Z",
"modified_time": "2026-05-21T20:11:30Z",
"sha256": "77ee9f261ae4fde00d3903bb7da6236866574d37a87dfbda9c5ac410e8569335",
"source": "amazon-inspector",
"versions": [
"1.0.4"
]
},
{
"id": "IN-MAL-2026-004546",
"import_time": "2026-05-26T05:52:48.797917558Z",
"modified_time": "2026-05-24T20:04:11Z",
"sha256": "d19cac4e1975c584ab42b9263f3050e5a1e1ecb965dedd3aac03f1353d0e4211",
"source": "amazon-inspector",
"versions": [
"1.0.10"
]
},
{
"id": "IN-MAL-2026-004022",
"import_time": "2026-05-26T05:51:47.217087779Z",
"modified_time": "2026-05-21T20:43:25Z",
"sha256": "1911fe37e679f224a3873b19649e4a53455fcc891459babd450952f504504687",
"source": "amazon-inspector",
"versions": [
"1.0.6"
]
},
{
"id": "IN-MAL-2026-004632",
"import_time": "2026-05-26T05:52:59.191869893Z",
"modified_time": "2026-05-25T11:36:19Z",
"sha256": "424aa2059e0dc14854279bfd17f0dd78a1913e087bac7f02844a9ece0471d613",
"source": "amazon-inspector",
"versions": [
"1.0.14"
]
},
{
"id": "IN-MAL-2026-004534",
"import_time": "2026-05-26T05:52:47.556688254Z",
"modified_time": "2026-05-24T19:13:51Z",
"sha256": "d23dfe68616fc0e8749188376bdce6d6da1626186504a3d6d83cfbea8235f157",
"source": "amazon-inspector",
"versions": [
"1.0.9"
]
},
{
"id": "IN-MAL-2026-004656",
"import_time": "2026-05-26T05:53:01.934110834Z",
"modified_time": "2026-05-25T13:53:52Z",
"sha256": "4aa63e0007054255aaa78ed5a13656d910a7c16f79c711b15cdf139405755f1b",
"source": "amazon-inspector",
"versions": [
"1.0.20"
]
},
{
"id": "IN-MAL-2026-004626",
"import_time": "2026-05-26T05:52:58.488200346Z",
"modified_time": "2026-05-25T10:43:04Z",
"sha256": "9a9a036c2297c6888404f03c4aa9fe125726f09cfbb148ba25e181f7364c0243",
"source": "amazon-inspector",
"versions": [
"1.0.12"
]
},
{
"id": "IN-MAL-2026-004645",
"import_time": "2026-05-26T05:53:00.718833036Z",
"modified_time": "2026-05-25T13:01:56Z",
"sha256": "f258bd6d9f971332d5e48b0f0c0dbaf0dbff1bd58b0ec55438e2c7d6c4256fd3",
"source": "amazon-inspector",
"versions": [
"1.0.18"
]
},
{
"id": "IN-MAL-2026-004023",
"import_time": "2026-05-26T05:51:47.329810914Z",
"modified_time": "2026-05-21T20:48:28Z",
"sha256": "956ea8ce8b2e14e972542d739b721415a6fbb8e0cd0d417867bfe3946cb69961",
"source": "amazon-inspector",
"versions": [
"1.0.8"
]
},
{
"id": "IN-MAL-2026-004013",
"import_time": "2026-05-26T05:51:46.210399236Z",
"modified_time": "2026-05-21T20:14:51Z",
"sha256": "ec83fafaefbdb669123080c3b4f63594b8e25f57990120a38f811401e0c0145b",
"source": "amazon-inspector",
"versions": [
"1.0.5"
]
},
{
"id": "IN-MAL-2026-004638",
"import_time": "2026-05-26T05:52:59.921238754Z",
"modified_time": "2026-05-25T12:22:00Z",
"sha256": "02c7b406290c7efd201e29823c92dceb170c6f57e3f0bdad2b0fd59d761188f7",
"source": "amazon-inspector",
"versions": [
"1.0.15"
]
},
{
"id": "IN-MAL-2026-004547",
"import_time": "2026-05-26T05:52:48.89803773Z",
"modified_time": "2026-05-24T20:04:12Z",
"sha256": "04e1b72ce28d671f8d92b75925d1fe6b5570c99df3d93676ce033460f00a353e",
"source": "amazon-inspector",
"versions": [
"1.0.10"
]
},
{
"id": "IN-MAL-2026-004641",
"import_time": "2026-05-26T05:53:00.232521914Z",
"modified_time": "2026-05-25T12:30:59Z",
"sha256": "3ee906484a081569023043c8c0e9b123eba71a656c16a80ef403a61a0b51fbe4",
"source": "amazon-inspector",
"versions": [
"1.0.16"
]
},
{
"id": "IN-MAL-2026-004533",
"import_time": "2026-05-26T05:52:47.436801963Z",
"modified_time": "2026-05-24T19:13:50Z",
"sha256": "a047b30fbc6c1a622558d5a29750dd866792684624d58554b9145b45d8c62b41",
"source": "amazon-inspector",
"versions": [
"1.0.9"
]
},
{
"id": "IN-MAL-2026-003996",
"import_time": "2026-05-26T05:51:43.992319817Z",
"modified_time": "2026-05-21T18:52:14Z",
"sha256": "fb7f2be52f543dcfe6db161ffb821f2bb6dc223b40a348b0ba63fca7e7e5ac2d",
"source": "amazon-inspector",
"versions": [
"1.0.0"
]
},
{
"id": "IN-MAL-2026-004548",
"import_time": "2026-05-26T05:52:49.013576182Z",
"modified_time": "2026-05-24T20:04:32Z",
"sha256": "1420857f1462236e1b513058e2484125c0ee7cd23d1dcc912ead72b091666f12",
"source": "amazon-inspector",
"versions": [
"1.0.11"
]
},
{
"id": "IN-MAL-2026-004627",
"import_time": "2026-05-26T05:52:58.604098967Z",
"modified_time": "2026-05-25T11:24:06Z",
"sha256": "3fed4f7fe21ce2bb85632c3e9cbdce384405b1e0ffa90a4cce6c6892949a462b",
"source": "amazon-inspector",
"versions": [
"1.0.13"
]
},
{
"id": "IN-MAL-2026-004642",
"import_time": "2026-05-26T05:53:00.351271779Z",
"modified_time": "2026-05-25T12:31:00Z",
"sha256": "5c22947421db551622c67432fd7b0e31be51b1abf27be10428d50f214a88c76d",
"source": "amazon-inspector",
"versions": [
"1.0.16"
]
},
{
"id": "IN-MAL-2026-004646",
"import_time": "2026-05-26T05:53:00.839657826Z",
"modified_time": "2026-05-25T13:02:06Z",
"sha256": "af3f0147bbe2bf539d07ed5ff4d87cfb48371e475a036446e0047f868f79a2b0",
"source": "amazon-inspector",
"versions": [
"1.0.18"
]
},
{
"id": "IN-MAL-2026-004549",
"import_time": "2026-05-26T05:52:49.117041023Z",
"modified_time": "2026-05-24T20:04:33Z",
"sha256": "e827ed2c866108e66aea77b3a29e262b81e5478ab8e1f417b3c887a546b74d65",
"source": "amazon-inspector",
"versions": [
"1.0.11"
]
},
{
"id": "IN-MAL-2026-004628",
"import_time": "2026-05-26T05:52:58.738983651Z",
"modified_time": "2026-05-25T11:24:06Z",
"sha256": "30bad6ddd8174d17900c76c426ccb52de581a0e0315ab617ae1ab42bfac755ff",
"source": "amazon-inspector",
"versions": [
"1.0.13"
]
},
{
"id": "IN-MAL-2026-004005",
"import_time": "2026-05-26T05:51:45.178028932Z",
"modified_time": "2026-05-21T19:57:09Z",
"sha256": "5ea81ffbf8e98f57c0d1aded321f8d8741237ee40406b14e45f52c409efd0bc5",
"source": "amazon-inspector",
"versions": [
"1.0.1"
]
},
{
"id": "IN-MAL-2026-004011",
"import_time": "2026-05-26T05:51:45.983210856Z",
"modified_time": "2026-05-21T20:06:29Z",
"sha256": "783639df35ba04992e9b90da1cb1f5e633e54cb512b3dbfba1f24a2c3d802951",
"source": "amazon-inspector",
"versions": [
"1.0.3"
]
},
{
"id": "IN-MAL-2026-004644",
"import_time": "2026-05-26T05:53:00.628902394Z",
"modified_time": "2026-05-25T12:53:24Z",
"sha256": "e028569d5ebf339a4c773e476fcc7e33ab72b70d05800d9241332d0099cf503f",
"source": "amazon-inspector",
"versions": [
"1.0.17"
]
},
{
"id": "IN-MAL-2026-004625",
"import_time": "2026-05-26T05:52:58.371355685Z",
"modified_time": "2026-05-25T10:43:04Z",
"sha256": "fdb55c86e5c9fedbbf5db819602022eb1e38c960ebe310f7b6c6cdd8800e8f5b",
"source": "amazon-inspector",
"versions": [
"1.0.12"
]
},
{
"id": "IN-MAL-2026-004631",
"import_time": "2026-05-26T05:52:59.066892583Z",
"modified_time": "2026-05-25T11:36:19Z",
"sha256": "3fe4b050d79ecfc702c9222cf3347e49d4530efd23a2120ee040ef32e0a76e4f",
"source": "amazon-inspector",
"versions": [
"1.0.14"
]
},
{
"id": "IN-MAL-2026-004639",
"import_time": "2026-05-26T05:53:00.039623963Z",
"modified_time": "2026-05-25T12:22:00Z",
"sha256": "edb4b079e79cdefe07e22c2347dc34bc9c59276c69a6c584add6697e2007fcf7",
"source": "amazon-inspector",
"versions": [
"1.0.15"
]
},
{
"id": "IN-MAL-2026-004008",
"import_time": "2026-05-26T05:51:45.653813964Z",
"modified_time": "2026-05-21T20:00:02Z",
"sha256": "f7babc0b69b160ebbe7d00ec0be02d03aa5d96f2506406a35ac9d10a7477399f",
"source": "amazon-inspector",
"versions": [
"1.0.2"
]
}
]
},
"details": "\n---\n_-= Per source details. Do not edit below this line.=-_\n\n## Source: amazon-inspector (3fe4b050d79ecfc702c9222cf3347e49d4530efd23a2120ee040ef32e0a76e4f)\nPackage name impersonates the popular @juggle/resize-observer (j\u2192j substitution and pluralized \u0027resizeobserves\u0027) and the README is copied verbatim from the legitimate package, but the tarball ships an unrelated Python module (clipboard_guardian) that has nothing to do with a ResizeObserver polyfill. The postinstall hook (npm-install.cjs) bootstraps Python and pip on the installer\u0027s machine \u2014 attempting privileged installs via sudo -n / pkexec apt-get / pacman / dnf, falling back to fetching get-pip.py from bootstrap.pypa.io \u2014 then runs `pip install --break-system-packages` on the bundled clipper, and finally writes a persistent autostart entry under a disguised name: a systemd user unit `python3-dbus-helper.service` on Linux, a `com.apple.python.runtime.plist` LaunchAgent on macOS, or an `HKCU\\...\\Run\\PyRuntimeBroker` value on Windows. Once running, clipboard_guardian/guardian.py monitors the user\u0027s clipboard, matches outgoing content against regexes for 40+ blockchains, and silently replaces any detected wallet address with one of the attacker\u0027s hardcoded wallets (e.g., ethereum 0x450c0E58Fc2ba03632d3F5780ad8C966648B6F18, bitcoin bc1qs2mpls4p0f7fng073gy2rcdgjpf7la4eugpt6y, plus monero/etc.) \u2014 any crypto payment the victim copies is redirected to the attacker. The daemon further disguises itself via setproctitle(\u0027python3-dbus-helper\u0027 / \u0027com.apple.python.runtime\u0027) and SetConsoleTitleW(\u0027Python Runtime Broker\u0027) to blend with OS components, ships an `anti-clipper` cover story in pyproject.toml while being the clipper itself, and contains an is_monitor_running() routine that pauses substitution when task managers / process explorers (taskmgr, procexp, procmon, ProcessHacker, Activity Monitor, htop, btop, gnome-system-monitor, etc.) are detected. The combination of typosquat naming, install-time privileged persistence, hardcoded attacker wallets, and explicit anti-analysis logic makes intent unambiguous.\n\n## Source: ossf-package-analysis (954b112d434a28b13673c4ee516cd4f348148683727ee498290bbd5666a8262b)\nThe OpenSSF Package Analysis project identified \u0027@jaggle/resizeobserves\u0027 @ 1.0.11 (npm) as malicious.\n\nIt is considered malicious because:\n\n- The package executes one or more commands associated with malicious behavior.\n",
"id": "MAL-2026-4288",
"modified": "2026-05-26T05:55:01Z",
"published": "2026-05-21T18:52:14Z",
"references": [
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.17"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.20"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.4"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.10"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.6"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.18"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.8"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.5"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.15"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.16"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.9"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.0"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.11"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.13"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.1"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.3"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.12"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.14"
},
{
"type": "PACKAGE",
"url": "https://www.npmjs.com/package/@jaggle/resizeobserves/v/1.0.2"
}
],
"schema_version": "1.7.4",
"summary": "Malicious code in @jaggle/resizeobserves (npm)"
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…