Malicious code in bugsnagmw (npm)

The package `bugsnagmw` (npm) version 1.0.3 contains malicious code. The code was obfuscated to avoid detection. The malicious code is designed to steal sensitive information from the user's environment and send it to a remote server. See https://stacklok.com/blog/analysis-of-an-obfuscated-code-attack-on-npms-package-registry for more details. Learn more

npm

bugsnagmw

Mar 20, 2024

npmjs.com

Package information

Visibility:

N/A

Contributors:

N/A

Stars count:

N/A

Forks count:

N/A

Default branch:

N/A

Open issues count:

N/A

Watchers count:

N/A

Blog:

N/A

Followers count:

N/A

Public repos count:

N/A

Alternative packages

rollbar

Error tracking and logging from Javascript to Rollbar

2.26.4

6.6/10

Trusty score

Trusty Score

How do we calculate this score?

We use statistical analysis to rate packages from 0—10. Higher ratings typically indicate safer packages.

Security checks

Factors	Score
	Medium
	Low
	0

Proof of Origin (Provenance)

No Provenance Info

Package lacks declared metadata regarding its source of origin.