511 matches found
MAL-2026-5068 Malicious code in evmchain-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d325c67c3edd95dd9b9e24502f3c8d01369606c35e1231231383e34a24b2da7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4312 Malicious code in explorhub-mcp-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9788bd481519def1387f4eccde46e4e6fbb3d8acc8e6b181397f299581d9a174 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3460 Malicious code in @tanstack/arktype-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00740c1707de87fdde677d596049a754c3269e6b54875d76eb4934a1368b7112 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3204 Malicious code in intercom-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31f6931321619f69c7d1da208b4dffb8162d8ef83b0c9ee16539a8d8620ccbcc The package intercom-client was found to contain malicious code. Source: ghsa-malware 2d01b1077a26ddef79a7421bd98e7e2e9dd6a8d2447f41c2cfe3fb5e35f9631...
MAL-2026-3168 Malicious code in apple-internal-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16ae120f182e305f15d778dfe594aa3f79076b93b5bd4be77f293fdf08c5e12a The package apple-internal-config was found to contain malicious code. Source: ghsa-malware...
Malicious code in cms-site-api-js-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7c005e0d9ed50229f543036c5c8bd9dd61a1ad0b5373efab2aa9fdba45084f9 The package cms-site-api-js-client was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2136 Malicious code in yelp-react-component-rating (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 027bbca928c4c1696f388fbb2ac0ac3a7c74a29db1a6bb76b5c7431759c27421 The package yelp-react-component-rating was found to contain malicious code. Source: ghsa-malware...
Malicious code in graphlib-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fc5e5e2ae1439a28be92e99758c3253bf2bd09a568712a5d0725553b4836eaf The package graphlib-js was found to contain malicious code. Source: ghsa-malware 375768659fc55b18acf652226fabd9052c10c4f88d36f150317532bc8661df13 An...
MAL-2026-1072 Malicious code in @dgxeon/libsignal-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 431d9b11b162e92f20bd17a9dfcc9f722baf4fb83f1d813d4f5ab29c590f837f The package @dgxeon/libsignal-node was found to contain malicious code. Source: ghsa-malware...
MAL-2026-130 Malicious code in awsm-acslibs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75908418c77ed1eed9d51f2880e20a9608a49fe6e21582715517f0fa4044d349 The package awsm-acslibs was found to contain malicious code. Source: ghsa-malware 566e39645aaa10c8e2d212725d48fa1023624b811c5d98b6c4cf6354d1beba95 A...
MAL-2025-192567 Malicious code in uba-plugins (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcb257605c151aafe2aad5cfe0a574b33989c084ccee06ee6ff0b74c33afb907 The package uba-plugins was found to contain malicious code. Source: ghsa-malware 2a73b282a96cbf09b981101e3b9e4056c51c7d9524e1cf62a41d71ce8f90f36f An...
MAL-2025-191075 Malicious code in bidirectional-adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9232b33b143ce14e500ddb0d725a5b646a180ad4bd7dbf1fc8890baefdd22f95 The package bidirectional-adapter was found to contain malicious code. Source: ghsa-malware...
Malicious code in @strapbuild/react-native-perspective-image-cropper-2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e2f74d9d1d21777c83aa98d57c78a19a6161665a8af16c87f380f0d5b8139e The package @strapbuild/react-native-perspective-image-cropper-2 was found to contain malicious code. Source: ghsa-malware...
Malicious code in vite-plugin-parsify (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 031b7573beae98422d50771f010df5ea83910b304700e644b2e5b8cb6111aa59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in token_security_check (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b62a85484e47dd76287cbde832200d5fed78a12b681c06710549f39f11bb433 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in grammy-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0ed36c0c9d339418b7fb4e6d6a1935303e10cf8837050934a3d6d61f0a1b6f2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in gear-idea-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a66acd20e2061aa436f304d41c80567e858c74d563f53fcd774df5bce17c47b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in chai-link (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5af472e8e9f91924f3ec3b28eec6184f13eee63ed37c2873f4042d81171682c9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in cb4good (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c16e1ebf21c15491517654d93507f4ac7ca8aa96e47403f10fd753ef7bcbca95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in no-style-dependency (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9044d80b8ff33b0d2a50511386c0fed003004f9452211938b949aca211b0866 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...