1328 matches found
Malicious Package
Overview: nottuff18 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...
MAL-2026-4789 Malicious code in ggk-happy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da23474ba170aa6d3b5bea2c2e8ebbc59be022caec4b612528dd644891e31379 ggk-happy is a fork of the slopus/happy CLI that preserves the upstream README, homepage happy.engineering and repository URL github.com/slopus/happy...
Malicious code in itc-actors-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22687e1f7601dde1753d3775925d62d040892631394937e56e9b9fba74fb85c6 The package contains callback.js which collects host identifiers and user information os.hostname, os.userInfo, os.platform, cwd and transmits them v...
MAL-2026-2904 Malicious code in trackora-node (npm)
trackora-node is a malicious npm package that, when imported, downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it, similar to the malware in chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...
Malicious code in fadlsjf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7851237c54cc21d98214fdd4c10550fb6665672f78c6f685de666e25f116c54f The package fadlsjf was found to contain malicious code. Source: ghsa-malware 84c2aa35dc6cdbc9581e9c90d31fc8048bf73c56102725c533f82882b2aa3422 Any...
Malicious code in @kinggupong/libsignal-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c19c128fca5c3aacdbc42a4005ff6e5fac66da9fb811bf98788503f6dfd00eb The package @kinggupong/libsignal-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in pear-apps-lib-feedback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 331d2742dee8271e5d493e475aab23ee3f05adc5e02888d87127d189883cc50c The package pear-apps-lib-feedback was found to contain malicious code. Source: ghsa-malware...
Malicious code in internallib_v157 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d07f4a0d2270cdcb827bb50e9f546d7c4ab3b07ede66343b90478831a731b83 The package internallib_v157 was found to contain malicious code. Source: ghsa-malware 2a4eddb6af3191b7183a9223407a3a1b9fb4e1b4e96da5ee15af1ae2f0515ac...
Malicious code in react-sdkk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5be5e5cc941dec9a36d78d9de45e31cd604e0efacd37d1b78b62e452689b2cb7 The package react-sdkk was found to contain malicious code. Source: ghsa-malware 60e38e54e0f061a0da679900787b26c8949e350345b5ae5e12688321574bd4c7 Any...
Malicious code in mongooose_updated (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f397bd93c8a607a5fb7cb6c4da24be0ed65157020f40d778f66f4bb8f0c6237b The package mongooose_updated was found to contain malicious code. Source: ghsa-malware c02f092aac581da5247eba7163d5bcbb065ed41865e8eeb464ea1fedd8a4d6...
Malicious code in ern-picking2-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cdd28d37200aac1cd5fc446acddca1c77227c48fbccf070f31a765422439184 The package ern-picking2-api was found to contain malicious code. Source: ghsa-malware 6d206018d9dd4cfb8e95bc0197ea0db4d442ee3b16f5209a2b452bc203dc8d...
Malicious code in equimper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 174afe3f7c17abcec63d8bfa72500c726f7e7cc7a5b9f726c387f5e9c5399287 The package equimper was found to contain malicious code. Source: ghsa-malware 239809818f810ae94c81e006270640279952fcd3123a3e4da631e6810f4ed4de Any...
Malicious code in ts-tweetnacl-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8035e1fe9ea296c85e726e0afad93eacff3199c25542e19153f914cc63251c12 The package ts-tweetnacl-utils was found to contain malicious code. Source: ghsa-malware...
MAL-2025-192978 Malicious code in tailwindcss-typography-style (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f2e4636e4f08bc04591afc5b27fce2e03dea82a9883b2dc8092a6f23fa6f55d The package tailwindcss-typography-style was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-200747
Malicious code in elf-stats-nutmeg-chimney-245 npm...
@accordproject/concerto-metamodel contains malware after npm account takeover
On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...
MAL-2025-191419 Malicious code in samesame (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b13e951b583059d1772bdd87c42fa897e1d023144e96e75720d61aa721efbf6 The package samesame was found to contain malicious code. Source: ghsa-malware a7c35b3b06e9c075dec97186d8f347918e3017121b3bc57abb571e172ad7eb61 Any...
MAL-2025-187763 Malicious code in less-radiometric-hydra-xml (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abc59368ee0d7cd8aeb4f95689e120819ddbfff2c7c82266ca7fb17267e694aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dotenv-parse-variables-biogeochemistry-version-betelgeuse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1d3c97f89cf63e178ad70c22fd8f637758e020a930ce7a5f812b784f9baca16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186807 Malicious code in eridanus-geochronology-element-ui-io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c70e6b62e3a9f2699ecf4f192f3066aa1df8d5e90541a43a39c446e93e35fdc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...