Cremit
/incidentsfield log
CatchesCampaignsExfilPatternsLLMIncidentsMethodology
↺rss↗cremit.io

incidents.cremit.io

A reference feed of real-world Non-Human Identity (NHI) credential leak incidents. Maintained by Cremit.

Browse

  • All incidents
  • npm supply chain
  • CI/CD compromise
  • Methodology

Subscribe

  • RSS feed
  • @cremit_io
  • GitHub
// status
monitor active
// build
2026-07-04
// origin
cremit · seoul, kr
// license
CC BY 4.0

© 2026 Cremit. content reuse encouraged with attribution.

catches

Caught packages

Every package the analyzer pipeline classified as auto-published. Sort by weekly downloads to surface the highest-blast-radius cases first.

caught total
1,272
0 in last 7 days
top by downloads
1.1M/wk
disposable-email-domains
top pattern
reads-env-vars
185 hits
sort
downloadsrecenth-scorepatterns
/ecosystem
allnpmpypigh-actionsvscodehuggingface
1 result·indexed 2026-06-07
  • AUTO-PUBLISHED/huggingface/2026-05-24

    thenlpresearcher/mistralai_Mistral-7B-v0_3_StereoDetect_Model@52f64abbf04947653be269b7f846efec8c32aceb

    by thenlpresearcher

    → No suspicious destination, no remote-exec shape — no network destinations.

    weekly
    —
    /wk
    llm verdict
    benign 0.85
    h-score
    85