413 matches found
Malicious code in @osamdefeirrighs/testhackfrrferrr (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc1c3467aded71e3ee2e4dbb16bac4d9257a03410188ea98624a09a4263825c9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5131 Malicious code in @redhat-cloud-services/sources-client (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
MAL-2026-5048 Malicious code in @cplace-project-planning-fe/cf-project-planning (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 092bbab646c6ffd8575fb87711545ad5052a18b9a78c3a70fccbecf8fbe5619a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @service-suppliers/set_suppliers_data (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0469f2493e0faa6db2b4dd70c85c58062f538457a60d4d4b77b44c861f665665 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4282 Malicious code in prompt-engineering-toolkit (npm)
Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...
MAL-2026-4250 Malicious code in wallet-backup-verifier (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3537e19be49ba9b1222856a7df147f5751a129e0b9eac69158467e21c0a1755a Package presents itself as a 'Community Security Alliance' MCP server for verifying cryptocurrency wallet backups, but performs three concrete...
MAL-2026-3520 Malicious code in @taskflow-corp/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1e305906fa9a2ce7ccc0318baa5c5d7cd13bd021623fec9701e1841d92ab00e9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3452 Malicious code in @squawk/procedure-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fca1f05eea030fa48afc7e6e8bb177abb0f73793f376dbb7bc4e2d8a2a16a1d The package @squawk/procedure-data was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tanstack/solid-start-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4905d7bb1a4d6f69ec73fe4cc8fa958262fcab1397fed5725ac39db447f6239a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wagner-horizon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d97421ed33bbba9349de85dd7f575a7c761e70226645a82545378e6e412d3515 The package wagner-horizon was found to contain malicious code. Source: ghsa-malware c1c6c42ada769c8af91fc0c7c7212a759d8138cd9f5c4af4d5b736d8f879c154...
MAL-2026-3167 Malicious code in apple-infra-stealth-audit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62019b469ab2852a4c8a4453043d5452768c2ac046ad1dc258366eac98de24ac The package apple-infra-stealth-audit was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3164 Malicious code in chai-as-char (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0beb7aa3057c2e6c31e9bb9074f8ac71d5b2ad3a9f65761c0131816ab4bdb8df The package chai-as-char was found to contain malicious code. Source: ghsa-malware e12e1d019bed1dd99212206b54a611003e75acc13943eb13c8ab63cd388adc83 A...
MAL-2026-3165 Malicious code in chai-as-redeployed (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e2a156e4adadf2466c1ce0f0501539ea4bb3306edd9b2c97109326a9f94f3a The package chai-as-redeployed was found to contain malicious code. Source: ghsa-malware...
Malicious code in claudcode-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88f4d319ca32cad5bc9a2f83d4b1b64c39f2d1e75f2fed26cc1172d480891b69 The package claudcode-mcp was found to contain malicious code. Source: ghsa-malware 65a350de7c4fa0545fcd3fa1439e9ea34afa50e5237688032de7bcafeb071ab0...
MAL-2026-2941 Malicious code in npm-doc-deploy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a8ae6448e13630c5243e98e1794e9b2f57b0e999d4c31687f0db0f1665496f9 The package npm-doc-deploy was found to contain malicious code. Source: ghsa-malware f7938c30cf6da645723648c4c43979c97d7c006933fb24ccab60154f1cc5d084...
MAL-2026-2638 Malicious code in billing-paywidget (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a1d045f893bda154c8f1c451045b34000b97a678cef9952b2dc3ba2f1c83db2 The package billing-paywidget was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2598 Malicious code in babel-plugin-fbtee (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82da31ad0bc5f3d25505f208dd3be88eaff3e4054e429cbdc7601dc5e3a3d42d The package babel-plugin-fbtee was found to contain malicious code. Source: ghsa-malware...
Malicious code in path-external (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83954c990d9e7dddb109dea7f9ed24bc8ded6b95da0ed050b43e7486675fc67c The package path-external was found to contain malicious code. Source: ghsa-malware 28650e14b5d9d8ba8bb4df91ca765c3e40d62074928911571fbdbc9af91c4e2d...
MAL-2026-2133 Malicious code in server-fpti (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90fb70466093bba29ed5b8f62a9734b95ff7011add06482beec9546984f11c3 The package server-fpti was found to contain malicious code. Source: ghsa-malware 59d0d75db844e966a9f5cc0e311ca6f2385abdf95ca0ee2387c23be8342f0fb2 An...
MAL-2026-2093 Malicious code in pulse-rsvp-card-entity (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d02d6daeedd5d906c300edc9ce1c430366876726cb5f6c69156b785a38713ad1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...