Malicious code in @newline53/newline-ts-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 475a7ac4130ef9c168565439f8cac230fce87b1d59bc116caec6c712f3a5dc60 On npm install, the postinstall hook node install.js collects os.hostname and os.userInfo.username along with the package name, encodes them as a DNS...

Malicious code in collected-forms-embed-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b110466fd12f426709ec7f628f63304d175faddb8094d08e8448388ed3114805 The package.json declares a postinstall lifecycle hook that performs reconnaissance and exfiltration on every install. The script invokes childproces...

Malicious code in hardhat-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b72f90917aaff5b42d639bff4d28227b0cd2105ce4d2b109577a76b9d7003ecc The OpenSSF Package Analysis project identified 'hardhat-common' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...

Malicious code in pp-react-v5 (npm)

pp-react-v5 is a dependency confusion package published at the inflated version 10.0.0 to win npm resolution over any internally-hosted package of the same name. The package contains only a package.json with no functional source code. On installation the preinstall script executes a wget command...

MAL-2026-3303 Malicious code in ally-whitelist (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db0425c83302370ea529e2baaabc1ada94b5515fb01d3437ed45bbc766e4e8f4 The package ally-whitelist was found to contain malicious code. Source: ossf-package-analysis...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tcmlooptargetreset function failing to empty executing commands as required by the SCSI EH, which could...

Malicious code in @apple-pay-trust/merchant-session (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 923c69f651ada0a2a6e4033304213ed069036ecf60291ba062fff36b1253d48f The package @apple-pay-trust/merchant-session was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3061 Malicious code in @google-pay-trust/authorize-payment (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34948be5ad2a3e52a1e1c577dafd82b6711762743bfd51bfd6433e7a780f7e36 The package @google-pay-trust/authorize-payment was found to contain malicious code. Source: ghsa-malware...

Malicious code in @apple-pay-trust/validate-merchant (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04e899c9f267696289778cbf0c2c4f8da289e47bb3bce95ffa4fa4e3fe290722 The package @apple-pay-trust/validate-merchant was found to contain malicious code. Source: ghsa-malware...

Malicious code in amazon-q-developer-streaming-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2612d348229614bb857a8f2c30c1ad2d66954d7a05073f15319f8aca2fb1a86d The package amazon-q-developer-streaming-client was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in pa-marked-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa7ec58688a86a684649482df31ee2d5ded2b22d648049ab9a2d6ba93bb912b0 The package pa-marked-internal was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2928 Malicious code in pa-marked-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa7ec58688a86a684649482df31ee2d5ded2b22d648049ab9a2d6ba93bb912b0 The package pa-marked-internal was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in react-spa-shadcn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b0a6436d822911c9ab59cb73cdf9c25c0dfa562feb406fcfa450ad964418f89 The package react-spa-shadcn was found to contain malicious code. Source: ghsa-malware da9de249511ac32f8d560921d4da27724c126e29260a8fb7c4acb1da70c6b7...

Malicious code in react-dom-19 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e6b5a54efd0bd62412ae002a01495b83a035014f59692e4e942aeaf9fd70d0d The package react-dom-19 was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2567 Malicious code in pt-sc-demo-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08bb315a7617ec23d04aeb4d4518c1539efbeef21894d42401af06f0ec36fdb6 The package pt-sc-demo-app was found to contain malicious code. Source: ghsa-malware 755b0ca70d35b05cdaa098b0bd7a331c5f40f35f8d5bb0dcf56333ce7acce6e0...

MAL-2026-2441 Malicious code in expirs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86105842d926ee95e61ae8adf0d4506cbc55c9510189208ee33d511806f2c5ef The package expirs was found to contain malicious code. Source: ossf-package-analysis d82cf6807fa6c011a17d3f4e8bf8af1e3e935a3d79ab1420356fd87d3f2567d...

MAL-2026-2428 Malicious code in vv-ftend-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52e6dc460495b044b5104f5b43ce39cacbc3bddfd089ca9f48ba821fb9d9b77c The package vv-ftend-api was found to contain malicious code. Source: ghsa-malware 516291f1a77610b9273279b0bfc4b6502c42024be5ce84308ad96ab226fa216d A...

Malicious code in n8n-nodes-text-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d9e6f076079fc1e5969f32f2e96bf4ee653d57d47b342f378cc857e678051df The package n8n-nodes-text-helpers was found to contain malicious code. Source: ghsa-malware...

Malicious code in @appleseed-apple/ac-sasskit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88124096765095b75d53f5129410a02db9d3966422e222d21b811aa0699ea725 The package @appleseed-apple/ac-sasskit was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @zinley/orion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb5209e6394eac2659ab3101809c2a59bf59a604346075a9d923de21d982812e The package @zinley/orion was found to contain malicious code. Source: ossf-package-analysis...