supply-scan 1.0.2 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/README.md +31 -9
  2. package/dist/index.d.ts +1 -1
  3. package/dist/index.js +627 -383
  4. package/dist/index.js.map +1 -1
  5. package/package.json +1 -1
  6. package/rules/axios-2026.json +43 -11
  7. package/rules/chalk-debug-2025.json +72 -23
  8. package/rules/coa-rc-2021.json +32 -7
  9. package/rules/colors-faker-2022.json +12 -4
  10. package/rules/eslint-scope-2018.json +15 -5
  11. package/rules/event-stream-2018.json +14 -5
  12. package/rules/glassworm-2026.json +27 -7
  13. package/rules/lottie-player-2024.json +11 -3
  14. package/rules/node-ipc-2022.json +29 -8
  15. package/rules/shai-hulud-2025.json +27 -8
  16. package/rules/solana-web3-2024.json +13 -4
  17. package/rules/ua-parser-js-2021.json +24 -6
package/rules/colors-faker-2022.json CHANGED
@@ -9,12 +9,20 @@
9
9
  ],
10
10
  "packages": {
11
11
  "compromised": {
12
- "colors": ["1.4.1", "1.4.2"],
13
- "faker": ["6.6.6"]
12
+ "colors": [
13
+ "1.4.1",
14
+ "1.4.2"
15
+ ],
16
+ "faker": [
17
+ "6.6.6"
18
+ ]
14
19
  },
15
20
  "malicious": {}
16
21
  },
17
22
  "ioc": {
18
- "strings": ["LIBERTY LIBERTY LIBERTY"]
19
- }
23
+ "strings": [
24
+ "TElCRVJUWSBMSUJFUlRZIExJQkVSVFk="
25
+ ]
26
+ },
27
+ "encoded": true
20
28
  }
package/rules/eslint-scope-2018.json CHANGED
@@ -9,13 +9,23 @@
9
9
  ],
10
10
  "packages": {
11
11
  "compromised": {
12
- "eslint-scope": ["3.7.2"],
13
- "eslint-config-eslint": ["5.0.2"]
12
+ "eslint-scope": [
13
+ "3.7.2"
14
+ ],
15
+ "eslint-config-eslint": [
16
+ "5.0.2"
17
+ ]
14
18
  },
15
19
  "malicious": {}
16
20
  },
17
21
  "ioc": {
18
- "domains": ["pastebin.com"],
19
- "strings": ["pastebin.com/raw/XLeVP82h", "_authToken"]
20
- }
22
+ "domains": [
23
+ "cGFzdGViaW4uY29t"
24
+ ],
25
+ "strings": [
26
+ "cGFzdGViaW4uY29tL3Jhdy9YTGVWUDgyaA==",
27
+ "X2F1dGhUb2tlbg=="
28
+ ]
29
+ },
30
+ "encoded": true
21
31
  }
package/rules/event-stream-2018.json CHANGED
@@ -9,14 +9,23 @@
9
9
  ],
10
10
  "packages": {
11
11
  "compromised": {
12
- "event-stream": ["3.3.6"]
12
+ "event-stream": [
13
+ "3.3.6"
14
+ ]
13
15
  },
14
16
  "malicious": {
15
- "flatmap-stream": ["0.1.1"]
17
+ "flatmap-stream": [
18
+ "0.1.1"
19
+ ]
16
20
  }
17
21
  },
18
22
  "ioc": {
19
- "ips": ["111.90.151.134"],
20
- "domains": ["copayapi.host"]
21
- }
23
+ "ips": [
24
+ "MTExLjkwLjE1MS4xMzQ="
25
+ ],
26
+ "domains": [
27
+ "Y29wYXlhcGkuaG9zdA=="
28
+ ]
29
+ },
30
+ "encoded": true
22
31
  }
package/rules/glassworm-2026.json CHANGED
@@ -10,16 +10,36 @@
10
10
  ],
11
11
  "packages": {
12
12
  "compromised": {
13
- "react-native-international-phone-number": ["0.12.1", "0.12.2", "0.12.3"],
14
- "react-native-country-select": ["0.3.91"],
15
- "@aifabrix/miso-client": ["4.7.2"]
13
+ "react-native-international-phone-number": [
14
+ "0.12.1",
15
+ "0.12.2",
16
+ "0.12.3"
17
+ ],
18
+ "react-native-country-select": [
19
+ "0.3.91"
20
+ ],
21
+ "@aifabrix/miso-client": [
22
+ "4.7.2"
23
+ ]
16
24
  },
17
25
  "malicious": {
18
- "@iflow-mcp/watercrawl-watercrawl-mcp": ["1.3.0", "1.3.1", "1.3.2", "1.3.3", "1.3.4"]
26
+ "@iflow-mcp/watercrawl-watercrawl-mcp": [
27
+ "1.3.0",
28
+ "1.3.1",
29
+ "1.3.2",
30
+ "1.3.3",
31
+ "1.3.4"
32
+ ]
19
33
  }
20
34
  },
21
35
  "ioc": {
22
- "ips": ["45.32.150.251"],
23
- "strings": ["6YGcuyFRJKZtcaYCCFba9fScNUvPkGXodXE1mJiSzqDJ", "install.js"]
24
- }
36
+ "ips": [
37
+ "NDUuMzIuMTUwLjI1MQ=="
38
+ ],
39
+ "strings": [
40
+ "NllHY3V5RlJKS1p0Y2FZQ0NGYmE5ZlNjTlV2UGtHWG9kWEUxbUppU3pxREo=",
41
+ "aW5zdGFsbC5qcw=="
42
+ ]
43
+ },
44
+ "encoded": true
25
45
  }
package/rules/lottie-player-2024.json CHANGED
@@ -9,11 +9,19 @@
9
9
  ],
10
10
  "packages": {
11
11
  "compromised": {
12
- "@lottiefiles/lottie-player": ["2.0.5", "2.0.6", "2.0.7", "2.0.8"]
12
+ "@lottiefiles/lottie-player": [
13
+ "2.0.5",
14
+ "2.0.6",
15
+ "2.0.7",
16
+ "2.0.8"
17
+ ]
13
18
  },
14
19
  "malicious": {}
15
20
  },
16
21
  "ioc": {
17
- "strings": ["connect wallet"]
18
- }
22
+ "strings": [
23
+ "Y29ubmVjdCB3YWxsZXQ="
24
+ ]
25
+ },
26
+ "encoded": true
19
27
  }
package/rules/node-ipc-2022.json CHANGED
@@ -10,19 +10,40 @@
10
10
  ],
11
11
  "packages": {
12
12
  "compromised": {
13
- "node-ipc": ["10.1.1", "10.1.2", "9.2.2"]
13
+ "node-ipc": [
14
+ "10.1.1",
15
+ "10.1.2",
16
+ "9.2.2"
17
+ ]
14
18
  },
15
19
  "malicious": {
16
- "peacenotwar": ["9.1.3", "9.1.5", "9.1.6"]
20
+ "peacenotwar": [
21
+ "9.1.3",
22
+ "9.1.5",
23
+ "9.1.6"
24
+ ]
17
25
  }
18
26
  },
19
27
  "ioc": {
20
28
  "files": {
21
- "darwin": ["~/Desktop/WITH-LOVE-FROM-AMERICA.txt"],
22
- "linux": ["~/Desktop/WITH-LOVE-FROM-AMERICA.txt"],
23
- "win32": ["%USERPROFILE%\\Desktop\\WITH-LOVE-FROM-AMERICA.txt"]
29
+ "darwin": [
30
+ "fi9EZXNrdG9wL1dJVEgtTE9WRS1GUk9NLUFNRVJJQ0EudHh0"
31
+ ],
32
+ "linux": [
33
+ "fi9EZXNrdG9wL1dJVEgtTE9WRS1GUk9NLUFNRVJJQ0EudHh0"
34
+ ],
35
+ "win32": [
36
+ "JVVTRVJQUk9GSUxFJVxEZXNrdG9wXFdJVEgtTE9WRS1GUk9NLUFNRVJJQ0EudHh0"
37
+ ]
24
38
  },
25
- "domains": ["api.ipgeolocation.io"],
26
- "strings": ["ssl-geospec.js", "WITH-LOVE-FROM-AMERICA", "peacenotwar"]
27
- }
39
+ "domains": [
40
+ "YXBpLmlwZ2VvbG9jYXRpb24uaW8="
41
+ ],
42
+ "strings": [
43
+ "c3NsLWdlb3NwZWMuanM=",
44
+ "V0lUSC1MT1ZFLUZST00tQU1FUklDQQ==",
45
+ "cGVhY2Vub3R3YXI="
46
+ ]
47
+ },
48
+ "encoded": true
28
49
  }
package/rules/shai-hulud-2025.json CHANGED
@@ -10,16 +10,35 @@
10
10
  ],
11
11
  "packages": {
12
12
  "compromised": {
13
- "@ctrl/tinycolor": ["4.1.1"],
14
- "duckdb": ["1.3.3"],
15
- "@duckdb/node-api": ["1.3.3"],
16
- "@duckdb/node-bindings": ["1.3.3"],
17
- "@duckdb/duckdb-wasm": ["1.29.2"]
13
+ "@ctrl/tinycolor": [
14
+ "4.1.1"
15
+ ],
16
+ "duckdb": [
17
+ "1.3.3"
18
+ ],
19
+ "@duckdb/node-api": [
20
+ "1.3.3"
21
+ ],
22
+ "@duckdb/node-bindings": [
23
+ "1.3.3"
24
+ ],
25
+ "@duckdb/duckdb-wasm": [
26
+ "1.29.2"
27
+ ]
18
28
  },
19
29
  "malicious": {}
20
30
  },
21
31
  "ioc": {
22
- "domains": ["webhook.site"],
23
- "strings": ["setup_bun.js", "bun_environment.js", "Sha1-Hulud", "discussion.yaml", "webhook.site"]
24
- }
32
+ "domains": [
33
+ "d2ViaG9vay5zaXRl"
34
+ ],
35
+ "strings": [
36
+ "c2V0dXBfYnVuLmpz",
37
+ "YnVuX2Vudmlyb25tZW50Lmpz",
38
+ "U2hhMS1IdWx1ZA==",
39
+ "ZGlzY3Vzc2lvbi55YW1s",
40
+ "d2ViaG9vay5zaXRl"
41
+ ]
42
+ },
43
+ "encoded": true
25
44
  }
package/rules/solana-web3-2024.json CHANGED
@@ -9,12 +9,21 @@
9
9
  ],
10
10
  "packages": {
11
11
  "compromised": {
12
- "@solana/web3.js": ["1.95.6", "1.95.7"]
12
+ "@solana/web3.js": [
13
+ "1.95.6",
14
+ "1.95.7"
15
+ ]
13
16
  },
14
17
  "malicious": {}
15
18
  },
16
19
  "ioc": {
17
- "domains": ["sol-rpc.xyz"],
18
- "strings": ["sol-rpc.xyz", "addToQueue"]
19
- }
20
+ "domains": [
21
+ "c29sLXJwYy54eXo="
22
+ ],
23
+ "strings": [
24
+ "c29sLXJwYy54eXo=",
25
+ "YWRkVG9RdWV1ZQ=="
26
+ ]
27
+ },
28
+ "encoded": true
20
29
  }
package/rules/ua-parser-js-2021.json CHANGED
@@ -9,16 +9,34 @@
9
9
  ],
10
10
  "packages": {
11
11
  "compromised": {
12
- "ua-parser-js": ["0.7.29", "0.8.0", "1.0.0"]
12
+ "ua-parser-js": [
13
+ "0.7.29",
14
+ "0.8.0",
15
+ "1.0.0"
16
+ ]
13
17
  },
14
18
  "malicious": {}
15
19
  },
16
20
  "ioc": {
17
21
  "files": {
18
- "linux": ["/tmp/jsextension"],
19
- "win32": ["%TEMP%\\jsextension.exe", "%TEMP%\\create.dll", "%TEMP%\\sdd.dll"]
22
+ "linux": [
23
+ "L3RtcC9qc2V4dGVuc2lvbg=="
24
+ ],
25
+ "win32": [
26
+ "JVRFTVAlXGpzZXh0ZW5zaW9uLmV4ZQ==",
27
+ "JVRFTVAlXGNyZWF0ZS5kbGw=",
28
+ "JVRFTVAlXHNkZC5kbGw="
29
+ ]
20
30
  },
21
- "ips": ["159.148.186.228", "194.76.225.46", "185.158.250.216", "45.11.180.153"],
22
- "processes": ["jsextension"]
23
- }
31
+ "ips": [
32
+ "MTU5LjE0OC4xODYuMjI4",
33
+ "MTk0Ljc2LjIyNS40Ng==",
34
+ "MTg1LjE1OC4yNTAuMjE2",
35
+ "NDUuMTEuMTgwLjE1Mw=="
36
+ ],
37
+ "processes": [
38
+ "anNleHRlbnNpb24="
39
+ ]
40
+ },
41
+ "encoded": true
24
42
  }