1473 matches found
Malicious code in @dktunited/anly-tracker-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a8893b914c3ba3139a3c8cede191521742237aa7c1c5d64f7ee45dbc5f636a6 scripts/postinstall.js runs unconditionally during npm install and exfiltrates installer-side identifiers to an attacker-controlled out-of-band...
MAL-2026-5434 Malicious code in ac_calendar_ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5b3fd92d67510aef112ac70c9af79a59b924eef29e20b1b127ea4c720182c63 On npm install, the package's canary.js postinstall script issues an HTTP GET to http://157.230.17.236/dc carrying the installer's os.hostname, packa...
MAL-2026-5388 Malicious code in @0xlr/stripe-checkout-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65b2bf8dcdc0fc9b8fdbf14bbf58a011707a4425cf0029867e28067c08ef5566 On npm install, postinstall.js enumerates the full process.env keyspace plus host identifiers os.hostname, username, homedir, cwd, argv, OS details a...
Malicious code in fpjson-lang (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38aca097f261c15ef9901f259883679e2d4308d6e4053099643c8befe9a14318 package.json declares "preinstall": "./bin/install-deps", causing npm to execute a 954KB packed Linux ELF binary on every install. The package...
Malicious code in 66o (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3ba0e9f968d627812a2a4efbb8631d3400b6c19692c7668c8e511e2808aaa62 On require, index.js replaces the global console object with a Proxy index.js:36-73 that intercepts console.error/info/warn calls anywhere in the hos...
Malicious code in 0xegg2024 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86f32380998652e4d6d7b70da165cff6d669a4c6a6d9297da2a137071abf6317 Tea.yaml token farming campaign...
MAL-2026-988 Malicious code in vl-ui-action-group (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 681eef2c6f7a9061c23f448a351fbf64b8d5302e6343f486e534c4a440b1e793 The package vl-ui-action-group was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-987 Malicious code in vl-ui-accessibility (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a7e52c3145cd55d304bb64380b4ac900f8fcda605ef0d88ad4b445709c1fa6f The package vl-ui-accessibility was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-989 Malicious code in vl-ui-alert (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4b178c0c090ebb69682438481586f4d0c78dbcd8938f14ce595469fe3796916 The package vl-ui-alert was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in ac-checksum (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 421654f0d216d3cb6af35eb9973ccd59d6d8c7c3d8c618bf1f49343a7756aa47 The package ac-checksum was found to contain malicious code...
Malicious code in ac-dom-nodes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b323cec1a59645d9dcb2c0951a0f7d31b362ac58e4f930306a940ed67037b20d The package ac-dom-nodes was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-782 Malicious code in ac-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a7d9d049932519bded5d12b8627523ef63dac69179b1ce873cf4cd8b7fe6849 The package ac-polyfills was found to contain malicious code...
MAL-2026-785 Malicious code in ppe-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1914d3cfcb631f551660417c0441d7e6eb3929ee6c4cadd6088e551462ead553 The package ppe-test was found to contain malicious code...
MAL-2026-783 Malicious code in adobe_pipeline_test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7e438937c9c04fd06645a505f5bd509ee3c1fa942be02cefa881023f849b781 The package adobepipelinetest was found to contain malicious code...
MAL-2026-775 Malicious code in ac-array (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71f97348d3034afc8a89167b165172d331574fdeffd79f9392a282ff5732635f The package ac-array was found to contain malicious code...
Malicious code in ac-feature (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4336ebc941f06184c39e082b6d53167ba1466dad57a4a05936446980dd4759b The package ac-feature was found to contain malicious code...
Malicious code in adobe_pipeline_test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7e438937c9c04fd06645a505f5bd509ee3c1fa942be02cefa881023f849b781 The package adobepipelinetest was found to contain malicious code...
MAL-2026-778 Malicious code in ac-dom-nodes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b323cec1a59645d9dcb2c0951a0f7d31b362ac58e4f930306a940ed67037b20d The package ac-dom-nodes was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-776 Malicious code in ac-checksum (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 421654f0d216d3cb6af35eb9973ccd59d6d8c7c3d8c618bf1f49343a7756aa47 The package ac-checksum was found to contain malicious code...
MAL-2026-628 Malicious code in @casaverso/frontend-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48584fd15701448c3394285943de2520455a7b1fc07cead90b74d535437feda4 The package @casaverso/frontend-core was found to contain malicious code. Source: ghsa-malware...