50 matches found
MAL-2026-4709 Malicious code in wallet-agent-ai-radix (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60a953d7785091650f4f48e0b038e71ad79788102ffd652bff4bb0e8bf40ea21 dist/agent.js contains a hardcoded Telegram Bot API endpoint https://api.telegram.org reached via fetch with a POST body that includes values from...
Malicious code in aurafarmer (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 967bdc07ba43b92a320ad0ef81975a5547d24b987eda5b8cdf863fc7c18245e0 The package advertises an aurex CLI. Its login flow aurex/main.py around line 108 prompts the user for email and password and POSTs them as JSON to a...
Malicious code in silly-logger (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a57b518b6dcdb16913e105cd371fe81d367a85f81599d4468819bbe77ccb68b8 The package's advertised logging API debug/info/warn/error/critical unconditionally POSTs every log payload — message, level, category, and source — ...
Malicious code in workrally (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 502275ca25c6fb0e28db57d91789be11e347b5f21696ed45e15c015d123eaf51 dist/index.js imports childprocess and runs whoami observed at multiple call sites, then POSTs the result to a hardcoded remote URL...
Malicious code in prettier-lint-lenz (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28f7035dda69170600724a31f4b3543e02ac23c9153f3a62c35f2ee5264eef44 Package impersonates the popular prettier formatter — README and description are copied verbatim from the real Prettier project, but the package ship...
MAL-2026-3769 Malicious code in prettier-lint-lenz (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28f7035dda69170600724a31f4b3543e02ac23c9153f3a62c35f2ee5264eef44 Package impersonates the popular prettier formatter — README and description are copied verbatim from the real Prettier project, but the package ship...
MAL-2026-3692 Malicious code in guan (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e04a9a658bc7616e72a5edf276dd049e5b697f2492c46929caf2e01fac95d84 The top-level src/guan/init.py unconditionally calls statisticsofguanpackage on every import guan. That function in src/guan/others.py opens a raw TC...
Bykea: IDOR on in-app hardcoded zombie endpoint
The researcher discovered an Insecure Direct Object Reference IDOR vulnerability in a hardcoded legacy zombie endpoint that was no longer actively used but remained accessible. By reverse engineering the Android app and reviewing the code for unused endpoints, the sensitive details related to...
GHSA-HHW9-35P2-Q2C5 Steam Socialite Provider v1 does not correctly validate openid server
Impact The outdated version 1 of the Steam Socialite Provider doesn't check properly if the login comes from steamcommunity.com, allowing a malicious actor to substitute their own openID server. Patches This vulnerability only affects the outdated v1.x versions of the package. These are no longer...
Steam Socialite Provider v1 does not correctly validate openid server
Impact The outdated version 1 of the Steam Socialite Provider doesn't check properly if the login comes from steamcommunity.com, allowing a malicious actor to substitute their own openID server. Patches This vulnerability only affects the outdated v1.x versions of the package. These are no longer...