964 matches found
Malicious code in mws-common-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c1ca345fe8bb8298e9adc0920dea67d420dd5c57f79004c058df12bc365f016 The package mws-common-ui was found to contain malicious code. Source: ghsa-malware 935da08d8dffad1e28679a7043038425705e76dff3808c50361e8a67d02c55f8...
MAL-2025-192361 Malicious code in datadog-checks-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c81f3e37fe2d626410665826364d682e76edf32642b1cf36d4b12b987a9b102 The package datadog-checks-base was found to contain malicious code. Source: ghsa-malware...
Malicious code in elf-stats-sleighing-mailbag-621 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3bd43889e90656b7e076b57eae6373547a6c883fda60fd63069784433a41bab The package elf-stats-sleighing-mailbag-621 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in elf-stats-snowdusted-stockpile-595 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 313c3813ac8880b0dc1f1a973c0125bf17d9f2c700ddc7a009cfc1efbdb54f4b The package elf-stats-snowdusted-stockpile-595 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-192203 Malicious code in elf-stats-cocoa-ribbon-476 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 005ed1613dc4777b86a0449d32f014ea40f1ab9237ebd84bed9d955cdbaefd56 The package elf-stats-cocoa-ribbon-476 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-191959 Malicious code in karem10 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02ecf4d35a03a77c6c6665e814830b4111dd4c3e969a800697b3ca6dc0eeaebc The package karem10 was found to contain malicious code. Source: ossf-package-analysis d2bf23a7af43498c68b78f4d0e45aa2dec25a1ea950bc0c7b9b0d880ec35b9...
MAL-2025-191486 Malicious code in vitest-environment-jsdom-patched (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e0d8ae07807d73026bd13988c3341aecf8375b53ae436d03f80110884c5d84e The package vitest-environment-jsdom-patched was found to contain malicious code. Source: ghsa-malware...
Malicious code in br2s-ui-componentlibrary_r2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be6786b979a9a6378e096381748fc3546c761e95cf2631585010ca066ad5ef19 The package br2s-ui-componentlibraryr2 was found to contain malicious code. Source: ghsa-malware...
Malicious code in epicgames-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d81307de796f23d50ad12835bc127927e7afbc7c5e5d4fe4948f65ccd413cdd The package epicgames-ui was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in wishlist_dropdown (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96af5d4cffbd1a2bb13ecd403b9acf5e0fe62f6df151c6b511f556c9c0a11c31 The package wishlistdropdown was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-190574 Malicious code in kc-next (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32088d023faff39ca532f60b6fefa143e98da4ff439ecf1d9922cbb7f5f669ef The package kc-next was found to contain malicious code. Source: ghsa-malware 750f8ce90382db0d1c42cc21bef3cce0f5220048311c62bff8fb2928e2b936c6 Any...
Malicious code in warnermedia-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 235c7d43006e41c31c3b06069239c483934cee515a1f489c55e698fdf994909e The OpenSSF Package Analysis project identified 'warnermedia-test' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in ikea-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2d28e0f1a30aac98cbe4b49221df9736b6cbe4d629d85b5b57d50cc4163f72df The OpenSSF Package Analysis project identified 'ikea-test' @ 1.0.0 npm as malicious. It is considered malicious because: - The package executes...
Malicious code in mbed-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e37cade9ed9f558086d52e3d4d53a6892f73d271c38ea94d5c0dd25d2a2eee32 The package mbed-js was found to contain malicious code. Source: ossf-package-analysis 09a05d2a84ef02b428f1176efd59cabf7a0b1c55bf4b0d8a2ac97c681ada2d...
Malicious code in baseline-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e8f0d63405c3006d5549ebf1df01f884df985fdbac7dfcc07c22c06ad556c8e The package baseline-server was found to contain malicious code. Source: ghsa-malware 2eef37dadfa82b7f47a185f272073322cc60a193be57b46387b84bbc55b3655...
MAL-2025-48558 Malicious code in demo-mercadopago-mcp-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a777ccccffbf142e34b0081be4681c4ffcb72aa584b99d15bfd58878e6085881 The OpenSSF Package Analysis project identified 'demo-mercadopago-mcp-server' @ 99.0.3 npm as malicious. It is considered malicious because: - T...
Malicious code in haedal-vaults-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4cdc575f935d62b37b17082181381a8002b5784fedda1dfc854ef2f74f39edf6 The OpenSSF Package Analysis project identified 'haedal-vaults-sdk' @ 1.6.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in shopifyql-parser (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22c1e659f820da451cb67b3bf646d2511ccc31118a06138dbe97687430e7bbb4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in file-dependency (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis db9d9ac2b90c17d04ff56afe81a886e99665eb55048e7cc7c9a3f0b1855db828 The OpenSSF Package Analysis project identified 'file-dependency' @ 7.0.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in monolith-twirp-git_src_migrator-monolith (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 060f3ebfeb0862be79294c75a97aaa823e0378ae4ef10ce1910472c923b31dc3 The OpenSSF Package Analysis project identified 'monolith-twirp-gitsrcmigrator-monolith' @ 1.6.3 rubygems as malicious. It is considered malicio...