138 matches found
Malicious code in @get-wrecked/overlay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3f69fb73aa68e8345f0c5b8a87578c3eac0a11576be46084e983aa24d911f07 The package @get-wrecked/overlay was found to contain malicious code. Source: ghsa-malware...
Malicious code in bps-design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f41e4d6abfba5f03e914140b0b171314ef8a614e3e03ff9685325532260a745 The package bps-design-system was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in trae-browser-inspect (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fbd2b8603f95aa744b92e1f624c31c4afc4dcb7ef634096a331302462b45e1f The package trae-browser-inspect was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-988 Malicious code in vl-ui-action-group (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 681eef2c6f7a9061c23f448a351fbf64b8d5302e6343f486e534c4a440b1e793 The package vl-ui-action-group was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-874 Malicious code in google-search-result (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7ada4db6050e81933dbf7a82d659e0793c79b0b8f771b3175b5ef4668563238a Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
MAL-2026-839 Malicious code in search-newfrontier-podlet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6e41804eeb58691ca7b68763c0db9e48636ffeb9d7020d95bbc9d9e9aec6e76 The package search-newfrontier-podlet was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @rsgweb/locale-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b1882e2ffa769f9383127f2bfc582935b3bb1145e172eb6941a0276989a983f The package @rsgweb/locale-tools was found to contain malicious code. Source: ghsa-malware...
Malicious code in conp-dats-editor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adac2b3e811707a0113ec1484330ebada12a632966c81143eab49233e87cabbf The package conp-dats-editor was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-199 Malicious code in vet-bones (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3ce97e3af4cf9c82b0a51f4b693273ac59c6b1357b445b5613fbdcf7edec9a9 The package vet-bones was found to contain malicious code. Source: ghsa-malware 963e426141db06e18a04d497aed8ab05c8c6acfc76e6570d7c4a0bd2d81d7658 Any...
Malicious code in dstny-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b284da9586db3d25955c197277419786676841a572ee83eb99a463072eff3dec The package dstny-utils was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3 Malicious code in rules-deployer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 849a58d27ed0090633a72330c705b5849146aa1493961574c6a11dc758e28e34 The package rules-deployer was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in mws-common-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c1ca345fe8bb8298e9adc0920dea67d420dd5c57f79004c058df12bc365f016 The package mws-common-ui was found to contain malicious code. Source: ghsa-malware 935da08d8dffad1e28679a7043038425705e76dff3808c50361e8a67d02c55f8...
MAL-2025-192361 Malicious code in datadog-checks-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c81f3e37fe2d626410665826364d682e76edf32642b1cf36d4b12b987a9b102 The package datadog-checks-base was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191959 Malicious code in karem10 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02ecf4d35a03a77c6c6665e814830b4111dd4c3e969a800697b3ca6dc0eeaebc The package karem10 was found to contain malicious code. Source: ossf-package-analysis d2bf23a7af43498c68b78f4d0e45aa2dec25a1ea950bc0c7b9b0d880ec35b9...
Malicious code in epicgames-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d81307de796f23d50ad12835bc127927e7afbc7c5e5d4fe4948f65ccd413cdd The package epicgames-ui was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in ikea-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2d28e0f1a30aac98cbe4b49221df9736b6cbe4d629d85b5b57d50cc4163f72df The OpenSSF Package Analysis project identified 'ikea-test' @ 1.0.0 npm as malicious. It is considered malicious because: - The package executes...
Malicious code in baseline-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e8f0d63405c3006d5549ebf1df01f884df985fdbac7dfcc07c22c06ad556c8e The package baseline-server was found to contain malicious code. Source: ghsa-malware 2eef37dadfa82b7f47a185f272073322cc60a193be57b46387b84bbc55b3655...
Malicious code in haedal-vaults-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4cdc575f935d62b37b17082181381a8002b5784fedda1dfc854ef2f74f39edf6 The OpenSSF Package Analysis project identified 'haedal-vaults-sdk' @ 1.6.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in shopifyql-parser (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22c1e659f820da451cb67b3bf646d2511ccc31118a06138dbe97687430e7bbb4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in monolith-twirp-git_src_migrator-monolith (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 060f3ebfeb0862be79294c75a97aaa823e0378ae4ef10ce1910472c923b31dc3 The OpenSSF Package Analysis project identified 'monolith-twirp-gitsrcmigrator-monolith' @ 1.6.3 rubygems as malicious. It is considered malicio...