589 matches found
Malicious code in sixseven9 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1ed9c23f2c82d9e91d783110274aff10788de9e0e9a783964702ea26c7b1cc4 The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...
Malicious code in ishowfeet9 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 248f82bac5fecfd3cc8e27d3c4cc6f48f310aef9c069e64cc33a407cd79369bb The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
MAL-2026-6937 Malicious code in nuxt-fonts-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6ede5024b6ee71356eedb3dfb3bb648682901bf6b966bbe353daff6082ecc85 Package ships only a package.json and a readme; there is no main entry, no bin, no scripts, no dependencies, and no executable code. The readme...
MAL-2026-6934 Malicious code in load-nuxt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e95bb337136d6bfafcd6f21bb8cb1d98da703f7e20b851b3af82876018ffac Package name resembles the Nuxt ecosystem's helper naming 'load-nuxt' and is published at version 99.0.3, a version-number shape frequently used in...
Malicious code in some-theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97420170b95f54c404226b47901bbd45ec03ed0a427369b50add75297a2dcb80 Package [email protected] was scanned across 2 files with no a static rule matches and no behavioral findings. No install-time lifecycle execution, n...
MAL-2026-6941 Malicious code in shopify-internel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eb1d4e4e70cff6efbfec48cbf205e071c73a70003863e2293dbf7035547f560 Package name 'shopify-internel' is a one-character misspelling of 'shopify-internal' and appears to squat on the Shopify namespace. The tarball...
MAL-2026-6922 Malicious code in mcp-server-pg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22d68bdfced357622e33e4608bd35ded4d8988ea6dc7da073b3a83075978815d On npm install, scripts/postinstall.js unconditionally reads a range of installer-owned identity and configuration files and POSTs a JSON payload to ...
MAL-2026-6905 Malicious code in winston-prism (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06134c2a9c642914c91312e4d0184158fda282ec1bb3715fc143e7834993e266 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in secure-box (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fac79042697157915144f205c342b79f8a019218c45580224a85c045c03fea9 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in pino-pretty-logs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7864fcfe92b62b2ddc003e696cbe02d18e0979f4336bff4cc9352f318b260fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6857 Malicious code in npm-doc-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd9478699eb0ff355280d938bef68818018c0c5cb579b3c144f6c0e134dfad1b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @hg-aka-prml/tapas-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0283140e8754f9cdc894794ae19307cf6235508d8f8cc75d97b900c1469d9393 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6620 Malicious code in @finantix/webcomponents (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78f0e6feec707d8b1faaf2926aaeeb7ffc74ba086a917eecd010988211e91de5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in data-fetching-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 913d882d66d587abb1d6fe92b8b6d7353c1b4ae79fb175cc3f10b606dd5f8457 Package self-identifies in its package.json description as a bug-bounty dependency-confusion proof-of-concept against an internal package name of the...
MAL-2026-6407 Malicious code in @su-doughnym/hubspot-loginui-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72fa1e159f93bb8a1336dc48fe329f3a7801ebf56a49620ce67fd013ea8995ae Package is openly labeled a dependency-confusion proof-of-concept and uses a high version number 99.99.99 consistent with that intent. The preinstall...
Malicious code in multer-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50b4df9cf15644bbea3ed944cbf168fdbad1619d0c3e10fff653b0d48c10bbb3 Package name 'multer-express' is similar to the widely used 'multer' middleware for Express. No malicious code patterns, install-time hooks, or...
Malicious code in @mastra/agent-browser (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49ba6a41e7e43733a8334968ce740af8771208c66c7529d9f4319bd62e39601d @mastra/[email protected] declares a dependency on 'easy-day-js@^1.11.21' in package.json, but the package's own compiled code in dist/index.js nev...
Malicious code in @mastra/nestjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cce4b38ce42c23095f722a3fd011dcd5070230e430bd5ef2be73c0eb943f79d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6015 Malicious code in @mastra/deployer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ada3444d44067bbe5085e0892f7885b106c016c114676c2601b15bbb52ce4a4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/sentry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08da35ae5d7bc21a7de70c2ed41f52a7a399a58fc26577835f8577fd0053136d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...