171 matches found
Malicious code in abuden211 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b56fab3567bb384777773b6a1a1793f1842ae69d9937268e4c6d837072f51ac The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
MAL-2026-6930 Malicious code in annotator-harvardx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e60352f3188693c150a75a0c785e9398fd12270a4cd481c3bcb411993beffbbd The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in winston-prism (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06134c2a9c642914c91312e4d0184158fda282ec1bb3715fc143e7834993e266 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in logger-beauty (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29f894c613d7ea8f407e4515aca877e6f13b5bb8e72530ce8032a534336b5a25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6687 Malicious code in procwire (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011cf28d546459d946b1ed6d92c3beb4cb7c5322d6a9370d52fcd40e9a81ac2f On Windows, installing [email protected] automatically downloads and executes an attacker-controlled executable. The package.json preinstall script runs...
MAL-2026-5847 Malicious code in reading-cookies (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d137cd4e8e7fc6d323c33ed04a87a97b152b217f948d01fae3172900751bf121 On import, the package's middleware spawns a detached node lib/caller.js child process. caller.js decodes a base64-obfuscated URL...
Malicious code in ts-iter-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52fbece62de86bd0498245046503745a1c94d8be949096277c47cd4a01f99dcf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mobile-international (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 543efd73c4d2860379f7e412db8f3ddb33401c3788a2a18f5ec0648e33b51a33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4342 Malicious code in wm-w5g-preview (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5bc0860496300da0db2cc794dea65576b86229a620d4de1b2da80ad79caa333f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3731 Malicious code in mrgn-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16fe2927853a543269a7eb66273bfea477dd040bc2e90f40d9b3642e9d138f5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @squawk/navaid-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 966263f7b58fca4470e282294f432c7c78d25b154b3c6daf6580d2b426a5e004 The package @squawk/navaid-data was found to contain malicious code. Source: ghsa-malware...
Malicious code in @squawk/fix-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 624b956af551986dc49e0004c6e0c804f3b48f57216b63bb5784c9c236e866da The package @squawk/fix-data was found to contain malicious code. Source: ghsa-malware b47010b41e9098203e9d382c36292a5bfa3c32741fbc916a9a9935f9975fc8...
Malicious code in @apple-pay-trust/check-apple-pay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e70605dbfa408340f5181bb26e47fb08e3ff8925c50aee6cb62132e724ba7a09 The package @apple-pay-trust/check-apple-pay was found to contain malicious code. Source: ghsa-malware...
Malicious code in tinfoil-shops (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12060d7ba8ada1f0215277ed3936de1f8e9f03d47430fe816b634778291d7024 The package tinfoil-shops was found to contain malicious code. Source: ghsa-malware 5fafb06ed458abc37062e49cbd57b0e5c348dba7d88d1524ca5df198216d7326...
MAL-2026-2078 Malicious code in @emilgroup/task-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4aef8ca2987206595d5c54a2df6265669bdb67ca99915bb763ac38f2d6a46d7 The package @emilgroup/task-sdk was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1265 Malicious code in aaaaaxxxxx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74022d63a8f08b2891b69972616980c694bf36c621e434d53bb293d3c556d50e The package aaaaaxxxxx was found to contain malicious code. Source: ghsa-malware 76e892030ae3b51f49aca22d108dff0826190b133c1d18bd448c9308b904f8d4 Any...
MAL-2026-1219 Malicious code in demo-pipelinetest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cdbe67e8fa0e92aa8f588916bbaf7b0c041cd6613636172f671c1a6251df15e The package demo-pipelinetest was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1128 Malicious code in colorize-console (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f4e60bdcd92f4f5690797fa091f0acb0a463de5c353ded0f6f5e7317a2f84eb The package colorize-console was found to contain malicious code. Source: ghsa-malware a0e5faaa04c5e7d06c634dc2be1f148aa27acb8842f1731dad902bdb3e33d1...
Malicious code in sukuna-baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e07b29340747170d24de4cad05110d564fdbd92e9f3fbbd5af57ab84bf85e619 The package sukuna-baileys was found to contain malicious code. Source: ghsa-malware 5708a63cc8ed7f411f26a07bdf5a6653f438a103c0ddee8518c172f4adb73c73...
MAL-2026-1129 Malicious code in danzxz (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4833c4fc240e2ee3782998738394ab42ff4d28ba2edcdf9e6aa97e195b12b32e The package danzxz was found to contain malicious code. Source: ghsa-malware 3426bcec6ad873a2aee246f7333e939a481c489dbbdffab631e2f588c421b629 Any...