4606 matches found
Malicious code in chai-bundle (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5110f40393583ef41ebcfa3558d782310a40a78227a040480d871c25311b79ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in web3-prices (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee650bfe594eb17193a4760fd6fc279eb10670ae045500913ea673951427b47e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in web3.prc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6db6feb92bb662bbf24ea3769595c836f3443f8fb33833b094134f294704af70 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ts-config-mapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 991f5b6f0d00ce1e267299db5a6e4d74717173d1548efb94d68345cb6c8f6dc6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4224 Malicious code in json-spectaculation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5666b784c76bbb0ecb504b52a7e70d17bfe910ad374f223e53deca3b57021278 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3827 Malicious code in string-manipulation-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bed3d44d42fd732fc0b3ec3b59c8c75fea479f97b78de4982c5b75bafd9af25 The package string-manipulation-typescript was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3801 Malicious code in the_secret_of_running_by_hans_van_dijk_ron_van_megen_02jsk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11aa0239d26b0aae85ed4e3f9bc78838fbdfd47beb4bc9ab701687cb7081513e The package thesecretofrunningbyhansvandijkronvanmegen02jsk was found to contain malicious code. Source: ghsa-malware...
Malicious code in viem-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe6492eec3b776a8654ae561b2f6d53c1a02ab00186b7dc5c8c72fb613c4e901 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3434 Malicious code in @opensearch-project/opensearch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1668370f4091d14b4e74ad0e9b25c70ccbc5bf7fb7d97f535212ce2289e71347 The package @opensearch-project/opensearch was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3449 Malicious code in @squawk/navaid-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 966263f7b58fca4470e282294f432c7c78d25b154b3c6daf6580d2b426a5e004 The package @squawk/navaid-data was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tanstack/start-storage-context (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7021ac6b47d0f973f936ca9d15cd26f43a01b1151ce691ec8b10be5001be2bb This version of @tanstack/start-storage-context belongs to the @tanstack/ package family that was compromised via CI cache poisoning, with 42 package...
MAL-2026-3472 Malicious code in @tanstack/router-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a4625c6f00a64d5f9c4d9fe41182c90a5d06c2a6cf72046d9a1e76d65295444 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3432 Malicious code in @mistralai/mistralai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23235945a2d68899f5fe2e6eafaefa0a98f2120697d41a40d26615e41aceb916 The package @mistralai/mistralai was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3316 Malicious code in @apple-pay-trust/check-apple-pay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e70605dbfa408340f5181bb26e47fb08e3ff8925c50aee6cb62132e724ba7a09 The package @apple-pay-trust/check-apple-pay was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3278 Malicious code in honcho-theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84982c0724088423f1dfd6be1667977bde24611206ff38083fbd5f1bddb51ee7 The package honcho-theme was found to contain malicious code. Source: ghsa-malware 23c78ef060edd4e17fe6722502a19a3f7cfa402b9253a432003578db145e5c24 A...
MAL-2026-3267 Malicious code in @bcs-bank-react-ui/swiper-slider (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecc6cabd59042f5fc22327d81efedc2ed1926f8f9457d124906fde72fbf65d46 The package @bcs-bank-react-ui/swiper-slider was found to contain malicious code. Source: ghsa-malware...
Malicious code in apple-internal-security-library-v99 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f44267d5128f9ac2c62938b60bfa45264207a0010c41c97082c72246a3a7a248 The package apple-internal-security-library-v99 was found to contain malicious code. Source: ghsa-malware...
Malicious code in apple-internal-security-poc-frank (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10f171ab8af350f288bde3dca0a4c5741b840ed376b0022602322fd7b8b6341f The package apple-internal-security-poc-frank was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2935 Malicious code in @tushar-br/desktop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c25eb4a54e706177aecf51b4124524e6e7d0534b02d9b8e6970169a9df8189ef The package @tushar-br/desktop was found to contain malicious code. Source: ghsa-malware...
Malicious code in ethersproject-wallet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b1c992cfad672d784afa83763c813b657de3834631b9dd92b6aaa7237e87440 The package ethersproject-wallet was found to contain malicious code. Source: ghsa-malware...