MAL-2024-12182

Import Source

JSON Data

https://api.osv.dev/v1/vulns/MAL-2024-12182

Published

2024-12-18T12:48:09Z

Modified

2024-12-18T12:48:09Z

Summary

Malicious code in flybook-table (npm)

Details

This package has a preinstall script to download an execute a Go-variant of the Cobalt Strike beacon.

Database specific

{
    "malicious-packages-origins": null
}

References

Credits

- Stacklok Insight: insight.stacklok.com - FINDER
- - https://discord.com/invite/RkzVuTp3WK

Affected packages

1.0.0