49 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Malicious code in awaitly-mongo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f476f15bad689e2500c24cf2f416567759e5182689cc2cc301912ddfde02b1c4 No concrete installer-harm signals were identified in this package version. The package name suggests a MongoDB-related async helper, but no specific...
Malicious code in autotel-sentry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84599539075d0dc6b022b261b65d1926f5772707f817dbc50178b5538220e2aa The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in autotel-vitest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22d23b9d854410e35b16a7058ed9bc6855b3bf548b1a3ccd79ba983de3b652e1 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5207 Malicious code in @forjacms/sections (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in mountly (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a392e66eff4da37e5adbd5288c1bb8da03c5348cfafacfa54aa113321e81dec5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
MAL-2026-5228 Malicious code in autotel-plugins (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96eb4c86a5765c2e51dfe25f9280eb116088dd6addbf1289f2d0f6b8af236bb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in awaitly (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3b437ec90b9b48314676b67f08b3ab9a54e1d3b787aa17d668dd0459f2cf68b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5200 Malicious code in @ethlete/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5211 Malicious code in autotel (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in autotel-plugins (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54f7a26d9e1681241d44bb8a37e06156508af068e0f594ae58ce4ed3a2caa94c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5250 Malicious code in executable-stories-cypress (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in creditcard.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d465ca657b19d32867e41b0ef3e049313241bba9db41c54c9e73d1682d7c1300 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Malicious code in wrangler-deploy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d2085fa4916157b99799df085aa11e3d29bdb9a47f5798c85375b1bfdf8bd7e Package name wrangler-deploy is close to Cloudflare's official wrangler CLI, which raises confusion-risk concerns for developers who may install it...
Malicious code in node-env-resolver-dotenvx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1935de81fae9e35f6c7373f982092558f30d269b205a6edf0d847fb86d0bf3b5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
MAL-2026-5213 Malicious code in autotel-audit (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5241 Malicious code in create-wrangler-deploy (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5229 Malicious code in autotel-sentry (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 84547bf00125156c4e307b6a73daa2b86c71b95ce3a403472519ba4fdfa87082 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5223 Malicious code in autotel-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9437d9a4154fd87a4ce99716b267b0a16d3277af57cf02dc7462e6ad149c9d68 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...