138 matches found
Malicious code in coral-wraith (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf0e5e4aa66ffeb1481fd587c96f596a227c9388b86b3a3443749b5ec9eb09f1 The package's postinstall.js runs at install time and performs a credential-harvest + host-tampering chain against the installer. It enumerates npm...
Malicious code in @bancolonbia/menu-filter-widget-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76511e7873dc4a76b8447f91807e48289877ee612cd0d94526206390bbda7f3e package.json declares scripts.postinstall: node./callback.js, which fires automatically on npm install. callback.js reads the installer's hostname an...
Malicious code in align_rest_api (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a3b4fd5fe3e581dc76f4fbe187da4427e159ff73a717a99c2f519af87ca7b2c8 The OpenSSF Package Analysis project identified 'alignrestapi' @ 99.99.99 rubygems as malicious. It is considered malicious because: - The packa...
MAL-2026-4230 Malicious code in cryptoco-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46f83b7a7a5e28fe4fadbd72b0d38ff322210501ef54807160a13b7d797e6c68 On require, index.js opens TCP connections to the cloud link-local metadata address 169.254.169.254 across ports 80, 443, 8080, 3000, 5432, and 6379,...
Malicious code in claude-code-base-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3000eab5b77e9247ae3dc1125384eaeb03ecdae7ecd17fe30ee6216a6a87c686 The package claude-code-base-action was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @zentrafinance/types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aa8866d3eaa828e8b575d8351ed3430237e14f71bb1af0acc90c468a7e8b8cb The package @zentrafinance/types was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3721 Malicious code in npmjs_ethers-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97aa3b72d45b1d6c6dc376c60b00c8c1fe60a9664d6767ffa64ba0ca1a4cf1b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @gaia-codesearch/gaia-api-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59cc0f371f067ea9c6f0bbe7076f9f33181d8e1ae55c43ff05ae2b854de41549 The package @gaia-codesearch/gaia-api-typescript was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in money-badger-open-rpc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a9d70a5231934ee14ab33334a3de0db40d5520fb4ef092a5a24cbdffff9751e The package money-badger-open-rpc was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @t-in-one/save_application_hid_to_storage (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
MAL-2026-3233 Malicious code in apexomni (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a53c153f68abdc118a92f4c3a13c2ad21e0d098bdf5e7cf57e679e467b226c06 The package apexomni was found to contain malicious code. Source: ghsa-malware 8ec8450f87a6c99576d96e1c59179c61ef89603915c8d003af0f5f6992348092 Any...
MAL-2026-3184 Malicious code in @breezeai-frontend/tailwind-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93dd597412bdae22d265ee51f76a40cefa637f09bdf73cb7ede9ac63daf05ac8 The package @breezeai-frontend/tailwind-config was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3111 Malicious code in @apple-pay-trust/authorize-payment (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6403670e0f9573b88d997609a27ef3630ca5d0442446368011a1980a1b56298 The package @apple-pay-trust/authorize-payment was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3067 Malicious code in @ozon-complt/split (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77c1f495268eb36a5d6c7f43e110ffb8cb58953bce375fdb4e6feb02818b3ce0 The package @ozon-complt/split was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3017 Malicious code in react-spa-npm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43b35510ff33bc6f887152176f91fb63f2a336c8822c151ac6039ccced83c96b The package react-spa-npm was found to contain malicious code. Source: ghsa-malware c9044f471d6c131db0da2c97994b81cd8d2680486695f42dec152b2b23f5e0be...
Malicious code in sy-editor-v3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cbd7c2056a09f76b9e73fbd0dae4370df9df455077146ae85b6b985b0394d4f The package sy-editor-v3 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in lightweight-charts-4.1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f7a7bcf5678b42c2da20ad8e444066092ac3a9c17a6c8867a034717d1d8c344 The package lightweight-charts-4.1 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in f0-state-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 989b5f62777b6b7fbd236eb28a54b0e42ba48548dc0a49919c5f311c1f1c7072 The package f0-state-manager was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1427 Malicious code in @3stripes/helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43a7574944c393165544faca6357fd6ce623ef66d2b9b367a3042f34eae4f81b The package @3stripes/helpers was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @3stripes/api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1644f08d12a97a4daeeca3e4195d91585bdbe1a8c2085fa918a92427cf1ee99f The package @3stripes/api-client was found to contain malicious code. Source: ossf-package-analysis...