342 matches found
Malicious code in sixseven8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec482cba13f20090fc306d9a8c732ec4edbc8bb9326324f7dedfb544ad0d9a11 The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...
Malicious code in nottuff20 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45385ab2d7ac9fcd5f37a9faa2824beba492422d1783deef1b9b153eda2e25d2 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff26 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d6f3663bcc4d41d4ec7b7e07a43f82567efbbab2cfb098d7227f0f0803e7577 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
MAL-2026-6953 Malicious code in whs4_pnm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47d72187d8b59a9a40cb8397d064bc7319b20e19ee7d48b870432bd96952b089 The package declares a postinstall script node index.js that runs unconditionally on npm install. The script POSTs the absolute filename path which...
Malicious code in hook-augmenting-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fbb17d535ecc8b30b2ab54a487691ec2e427f9dbc3c0e20acad414bb25f3203 Analysis of this package version produced no static or behavioral findings indicating installer-side harm. No exfiltration, install-time code fetch,...
MAL-2026-6903 Malicious code in windrule-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12204dba8f73baf0bb7f6ce1ebd80bb2ce689752abaea290e1429aed4037bb9c No suspicious behaviors were observed in this package version. There are no lifecycle scripts fetching or executing remote code, no hardcoded...
MAL-2026-6798 Malicious code in argonflux (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac7feeef8f690a4bff32cb47e1725046d4c0ae9a1abdf45ac4b434f59d314320 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6399 Malicious code in normalize-plus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8d9638f9c3f81ac15972cf2ff227b2d426a72c5e37035e54402648fe8120675 On import, normalize-plus's top-level initPlugin performs an HTTP GET against https://jsonkeeper.com/b/CI3HT, parses the JSON response, and evaluates...
Malicious code in rapidsearch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5b7fbd87a3c4bf6ff1e7b748244b062b46f850a7f7e034bd460c17668fa99c5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6062 Malicious code in sodel-pych (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7d67bcaf42f4ef050a6b824dfbc2f711d6820f7b3b1140d211110f390e512fa The package ships several files whose names and contents suggest a non-trivial install-time and runtime footprint: a postinstall script...
MAL-2026-5940 Malicious code in @mastra/auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8918dd16aca072972c93ebb866b08d6d5fda0b443955a2d4589ecbdbf4b87539 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in transportator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f40d878023c5462d17916a03d22d7c2e9e1573ab590f50532aa2e620e7a5a13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @marketplace-shared/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98933a5f467c2a623815ed46e5baf6838ba6e86e8055b48d4941da3bf59e5c41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2026-49777
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4...
WordPress plugin Product Slider Pro for WooCommerce 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
Malicious code in levex-press (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f33c109f544ebe960d2fe2880abba71a8abbbcfc1b8042ca5c5d5d9e6ac6b557 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in workspace-config-loader (npm)
Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...
MAL-2026-4234 Malicious code in compliance-check-runner (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09baf2402c56bbf2219f28a1113df9b623522a17b3a199cf9a6d58f8cbb0b68a On npm install, the package's postinstall hook runs npx env-security-scanner@latest auditenvironment via childprocess.execSync, fetching and executin...
Malicious code in @doctolib-apps/native-personalized-services (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac2da4b8de2ea081f8fe7b84ef6182ab363616dc0515aaa03368bcba4a4b8e76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Astra Linux – Vulnerability in Firefox
If a user saved a response from the Network tab in Devtools using the “Save As” context menu option, the file might not have been saved with the .download file extension. This could have allowed the user to run a malicious executable inadvertently. This vulnerability has been fixed in Firefox 140...