3553 matches found
MAL-2026-10662 Malicious code in ssweb-wp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cdc75de95852418c3d695299d52199b24e52202b2e5595089b3107a73c1e86b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10659 Malicious code in @sauruslord/libsignal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c2cf2672d98396a7b66cb732741d269732f5faae72293ea46e06b879e7a45b Package name impersonates Open Whisper Systems' libsignal-node but ships unrelated code. On require of index.js, after a 1-second delay, install.js...
Malicious code in sauruslord-baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 474b90ec19af5dbbc5bf3c8d27c0c4d079c7d980d6e3316dad3bbf5682abbe52 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10598 Malicious code in monitoring-service-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fb0e7dea7e0302bc22488fbaf436dd36c0763f05ef494977822e8a1b7b3a1ab The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in akshajrawat.utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 105157af41712b64f8b36ec1cb01e28958e4ad828a0c08d0979a1f6e22d1f13d The package's package.json declares a postinstall lifecycle hook that runs automatically on npm install: node -e...
Malicious code in clipboard-drop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea807812d5f872524eab6c57931788239310050ffb4c477643977def9dac8fb9 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10477 Malicious code in @gleamkit/socket.io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d6a306142d74b2781d66322adf2bc1b9898bfdb8e1814d2cb511c3e49b75c13 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10430 Malicious code in prettier-plugin-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e4c522699877c1eca1bb9c838a443e3c4bfa21950cf5c5b1d23182ae91a534e The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in tipsen-poc-again (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0977477bc81c656f52fb981657983580b411dda6d2c6766ba4d6a35fe4ae970 package.json declares its sole runtime dependency safe-chain-test as an HTTPS tarball URL pointing at a trycloudflare.com quick-tunnel host...
Malicious code in abuden219 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1de0c667d7c3cbfd4c96728443db8ac059d53487498341bd937cf2aaf738574a The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31a4e89de7dc0db67a1f6c404dc1b6b0b418cd8207e71ad82ef8d2027acb7ea9 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff12 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beeb7a0cb302b59468d0c8e75f4eac559afebefdf4526e4ed0832ab6ffc738ad The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff13 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79fcdb937c07c7ec8c87b884a8410166890165c5e9554397ed5ebcb1a5e58cf7 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff27 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b836372198329677623bb152dc7db76b249d842c0d10a3ec94d9ce2ae467827 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff14 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee11657fe74b7eef3139cfa2b9af453d122a4ae6a93964265354668c5c3b244b The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in ishowfeet13 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20bca534c9132e075eb12129f9986f32127805ef4e81a801de877aaf3a9bda6e The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff29 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074e027c282713fdcd142d97a0a6b07a661db091f58be50fd7fb9dfa724b968f The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
MAL-2026-10304 Malicious code in howmanygreatbritain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66707a972e4b6d232236d552157967ca09de229587cb90ca80ab1a1cac83fd22 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10295 Malicious code in bismillahitidakimas (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbdeeb9f66b286397502ebf5d67dacf17f4cc4f58917fa9d201d799bb99c3e2c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in ratelimitsucks4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14055b6363b7ffa1d3f701928a081a38642b2c80182d5b744b5def44fe737737 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...