22483 matches found
MAL-2026-10515 Malicious code in nodemon-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3f5aa35dd34f3c1d075d6ebee3f25a0445780f6f2c78d55a958868e530fe315 nodemon-web copies the source of the popular nodemon package verbatim and reuses Remy Sharp's author metadata and the...
Malicious code in @nsub/nitxe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b16147b7ac55d6c4cc4e042be73e6d49fc7232e8a03f406fecd034cdd27bf0eb The package's declared npm postinstall script collects the installer's username os.userInfo.username, hostname os.hostname, platform, and the entire...
Malicious code in tipsen-last-pls (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdcb8c863a7cdb4b0c61ff35c63613602654ae8cf581eb0b8c8e4bd0ed6c2f62 package.json declares a dependency safe-chain-test whose version specifier is a direct HTTPS tarball URL on an anonymous Cloudflare ephemeral tunnel:...
Malicious code in another-poc-by-tipsen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1bd73ac39644da27df81fcbc6540647d0f13d77419a07997a8ca0a2baa6164e package.json declares a dependency safe-chain-test sourced from a tarball URL on an anonymous Cloudflare tunnel host...
Malicious code in tipsen-last (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8dda277dd82e1c50906cff18341bb76485eed33ba42d39b228c447514e4081f package.json declares its only runtime dependency "safe-chain-test" as a direct tarball URL on hoped-twice-evaluation-site.trycloudflare.com — an...
Malicious code in abuden222 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c141ada78ccdede0bb49a76d998fcf07eb4cc60c58cce5fdc1b5933b85a817d The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden217 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42fce03517a0e7a241f99d0ce806a5bb90a4f70b083a2997c80868f3bc37d4b4 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden229 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 348ad89821b1ea36a325bc8f2e570b3a74e3a6238381106746bc31146c743fec The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in sixseven8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec482cba13f20090fc306d9a8c732ec4edbc8bb9326324f7dedfb544ad0d9a11 The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...
Malicious code in abuden224 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4b6da7762075dee890b0878af8420637eed76f394f658992c5e10454e09e1e2 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden226 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8a4986d9e75be69083a7905e5ef5e4558e17fe8b9f15777a9cd692c882b9d6b The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden28 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a58dd1a008e23641f5373b4593347947fb72a1a199e2354ffe75c79af4066d98 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden227 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 424eb4c5daef762a3d9dd8a50b397d64812466368d7b044d4f65679e02659d83 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden225 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1055fc13dd3381055731dec99548ae360bcbf6263ffea25b8e89e49f43c9fb05 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden211 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b56fab3567bb384777773b6a1a1793f1842ae69d9937268e4c6d837072f51ac The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden213 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a014a046e0516c12f5b1d7dcebebc2451633c4987fd3c96aae43229501ede141 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in sixseven7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 152671e097b964ad20f2d83c5b18c690ca4d5880023fb89941b6fed2d3752b75 The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...
Malicious code in abuden230 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2234aab0cda39685bbdd725de23c50e6e6b78ca85d8ae3c48dc0577287406f65 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden214 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4bdbebaa72ae71aae5482f3726a6be11649402b33365104e2fbf39f1db624137 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden228 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b15ded0c14059932e82f8e56f2b6d6fb13ebe2da3b51d3e17e048044e9266716 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...