342 matches found
MAL-2026-6417 Malicious code in leo-auth (npm)
The leo-auth npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...
MAL-2026-6434 Malicious code in serverless-convention (npm)
The serverless-convention npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...
Malicious code in leo-connector-oracle (npm)
The leo-connector-oracle npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...
Malicious code in rstreams-shard-util (npm)
The rstreams-shard-util npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...
MAL-2026-6421 Malicious code in leo-cli (npm)
The leo-cli npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...
MAL-2026-6426 Malicious code in leo-connector-oracle (npm)
The leo-connector-oracle npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...
MAL-2026-5242 Malicious code in creditcard.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5206 Malicious code in @forjacms/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in awaitly-visualizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in @ethlete/query (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in autotel-drizzle (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 296ec225ea5d6328333ec1641f1562f475b1ed521a003427b581aa288cc735b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in autotel-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d9ead83772087e781dd41428b81aec15c104b5064f20f0c47e911025942bd01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5212 Malicious code in autotel-adapters (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in awaitly (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2af5864a1d317bcc70096c02229d56d855d608e28196b1ed98c7884be7a2ab6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5208 Malicious code in @forjacms/sections-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5217 Malicious code in autotel-cloudflare (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 323293c896bea2f139c7cbc9b70945de92024143fbb9011993e065080656d2a5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in autotel-hono (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c68b32ae5e05f59d29919bad0bfae6bef90d3723f77b4a64cc86d6e3a39284c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5250 Malicious code in executable-stories-cypress (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5221 Malicious code in autotel-eventcatalog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 86524d7f87f8424258cdd9246b539020663bfa18e017ded7d5fcb1b3880859f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @cap-js/openapi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 243c059793e8b277fc77959046b7b064cb740d568fa53e4d30b9075660d9dab5 The package @cap-js/openapi was found to contain malicious code. Source: google-open-source-security...