crazynut@1.1.2

package

latest version

1.1.2

first published

23 days ago

latest version published

23 days ago

licenses detected

ISC
>=0

View crazynut package health on Snyk (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the crazynut package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
C Malicious Package crazynut is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising revenue through third-party ads and tracking scripts. It was published by the terminal3airport account, and its publication appears to be part of a broader spam and registry-abuse operation involving numerous similar packages. How to fix Malicious Package? Avoid using all malicious instances of the `crazynut` package.	*

Malicious Package

crazynut is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising revenue through third-party ads and tracking scripts. It was published by the terminal3airport account, and its publication appears to be part of a broader spam and registry-abuse operation involving numerous similar packages.

How to fix Malicious Package?

Avoid using all malicious instances of the crazynut package.

Go back to all versions of this package