MAL-2026-5174 Malicious code in nodemon-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66b967b89b3b02913d1a55f4fe65d3e7ecf4e39d25f5fd49bfb2879f73724dc8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5114 Malicious code in @redhat-cloud-services/frontend-components-config-utilities (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

Malicious code in @redhat-cloud-services/entitlements-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

Malicious code in ethers-hash (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d77270819f9736bb8e5eaba898605cbe713dfaf9b06c2ad539aa29f77651aba Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @service-suppliers/set_suppliers_loading_start (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b90557d314c93e20a5e2c0e307eb25f28e9e17cb31c630a6ae64b1ce8fc8013 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @service-suppliers/fetch-initial-suppliers-watcher-saga (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e38be804fe779ace5ea3a6a56214beebe7ceabaa5f765b46a0f7888ed2da4fc1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4841 Malicious code in @hcs-hybrid/uirouter-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27a0d7e172f9959faebfaed919369b4cd7a6321d9ae58986de045174908d431c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in jules-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68192c93adffde34c344bbc8448fe604a749ba448c9fd982f6ba9f8564ff4705 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4306 Malicious code in auth0-sample-dus-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11085e4f685d863ed2e5196febd3ade6b5b64e18d19bb57d779d04e27a360df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in explorhub-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9788bd481519def1387f4eccde46e4e6fbb3d8acc8e6b181397f299581d9a174 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4338 Malicious code in wm-plugin-json-conditions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43ae510c22e7ea36051bfaa2a241bc7f8035d9047c3fe927438ceef2f2ca81cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wm-plugin-set-walkme-language (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3a79fac1678c77b806378e3a6a61fbe14204f4ff38758d151a231e0d990ea94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in chai-as-float (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57fa3a7c5d47c518f43c819b91f8ae0bbdffbcf6fce42a1ebbce89e7d9c29199 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4232 Malicious code in build-integrity-verify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a4941223186440162de6c5ce0a5a5797589d69e6957473761b04818b8b9b5e7 The package contains no functionality of its own. Its postinstall lifecycle hook runs npx env-security-scanner@latest auditenvironment via...

Malicious code in solana-pda-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 932b19a77a3ac634909a0f284df48d9b2a8b28f9c5370bd50306d7ba5a1335e9 On npm install, package.json's postinstall hook runs node -e to issue an https.get against...

MAL-2026-3824 Malicious code in parse-regex-string (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d7619f0cfdbd6c6bd09c366186aa4b333ed935b4bc33580097d598b3fc8bd5b The package parse-regex-string was found to contain malicious code. Source: ghsa-malware...

Malicious code in dowload_ebok_the_upside_of_unrequited_by_becky_albertalli_2jgmw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c6c3f207c21b6d62ee891fea75f9192c812d157b81f2208b987050e731fa4ac The package dowloadeboktheupsideofunrequitedbybeckyalbertalli2jgmw was found to contain malicious code. Source: ghsa-malware...

Malicious code in jenkins-forge-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1752ae807c1ded3c735b8ab75a4119f00de67627fbd4a8802331d487b5e2c229 The package jenkins-forge-utils was found to contain malicious code. Source: ghsa-malware...

Malicious code in simple-date-diff-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb5f213f91d456c5ac949bf0995ee5310b944a9bf102b429edec11a99cfb6bf The package simple-date-diff-utils was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3787 Malicious code in frank-at-alibaba-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886c65e3dc3df0890c4de06cdd9d3973fd8a5844b0db2010a08e1160d2b6dce5 The package frank-at-alibaba-internal was found to contain malicious code. Source: ghsa-malware...