506 matches found
MAL-2026-5179 Malicious code in chai-midpatch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4deffa7a98fc055452391610a3ab832bace310cf34ecc058287f45cab02c656c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5075 Malicious code in ota_web_admin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2724185590a9671481ff3ac84c4046cb7b1841b78c7872660ff5ddf32fc21309 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5083 Malicious code in tailwindcss-basic-animation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa0cc72271b87587b2d58ff45625dfa9df9f8e4547b68096d359757e68b8946f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in chai-use-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 941306dd3e5d860872f10c80f8e3acd59cbc3b3d0c7bb00e229442b3af273989 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in int-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 369f6932b06597ffc51269a3c2634d158a10270a5c79eb9e4842818e8570c544 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4236 Malicious code in dependency-audit-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07144a70b38d5ada8c75d4cb8027f378cca7c094f823a544d056b07cb999e663 package.json declares a postinstall hook that runs node -e "tryrequire'childprocess'.execSync'npx env-security-scanner@latest...
MAL-2026-3728 Malicious code in hardhat-core-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1b62021752710dce40c5fa0491b2c8e75454d25ee7e80bd15e3b5a99ace923ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @squawk/airport-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a12035131eafd29a07572751653f857706ac1b113fcbd498a70f54d96d5276cc The package @squawk/airport-data was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tanstack/router-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b5f287de4737a3fc1c486fabad70d3ad833e85ba2ebfa8d0712052da9fca9ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3467 Malicious code in @tanstack/react-router-ssr-query (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c8db33bfb3bf19b736238a7e0895ecfd856e38c6e86d83f6eee8df6f5c13730 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3170 Malicious code in frank-newton3-db-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c57962acb9140cd99fb10338da13df89a6af2a7da30694456df2bc151acd247 The package frank-newton3-db-poc was found to contain malicious code. Source: ghsa-malware...
Malicious code in turbo-leven (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0903aeeee8de9f8d0b7bae616fb57ef1468d676ff1f319791b54a4c658211b4 The package turbo-leven was found to contain malicious code. Source: ghsa-malware 6a89f53d914eeb23f58756ee338b08701d799e346d6901d2f374bb51e736b2ef An...
MAL-2026-2658 Malicious code in tailwindcss-style-typography (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b625db5a21e8ed06ca7ce3b8d75adeff20b4179dbebe797b13486039aa74d6ea The package tailwindcss-style-typography was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2577 Malicious code in @b2b-portal/kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa5c1b32159c7e6dc9c07e663c7f8cf3b3ee24450a33289a1a79589c69906eed The package @b2b-portal/kit was found to contain malicious code. Source: ghsa-malware 20de22d7080860e2c01f3de58d2809af28e543302e49545749666efd4956c23...
Malicious code in chai-patch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b7a1b00f9cf8ff93aebfbb318e0f4da8d56a985a1eca3c305142e708dc6fc55 The package chai-patch was found to contain malicious code. Source: ghsa-malware a5b659f5744d677c50cb63bc98f750071b3db390e25b81a553debdff48ffac6a Any...
Malicious code in sbx-mask (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199f83840bd0dfd9d9e7295134e439e8adec273f9be8477d0ff68b6ec8c491d1 The package sbx-mask was found to contain malicious code. Source: ghsa-malware d04d541813f3f1e2bd2d1c509c5ea3463d64caf433617ab3398e118171f2cc65 Any...
MAL-2026-2101 Malicious code in sidebar-basket (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abd1b121a57bf0b4d96e4f902f6d051ff5b485ab7fc412f8940ce2c294ddb660 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-2046 Malicious code in @emilgroup/document-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a0db55538f4afebec1f08f4cff1689eb866b7d256eeeabebcd2c52862ec3fe7 The package @emilgroup/document-sdk was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2072 Malicious code in react-leaflet-heatmap-layer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2352243757a42dafc23c429819f6693b8f9a56799589414bbb527f35b1f7ed35 The package react-leaflet-heatmap-layer was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1944 Malicious code in couplus-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0c78a6293dc26a858801e92b94142c0fb6ab09c558b39900095be8a8aef9a52 The package couplus-cli was found to contain malicious code. Source: ghsa-malware 469c68fc4282e268dbe121670070e4a148ec18adaad72317ca06de47eed59217 An...