116 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview @jagreehal/workflow is a Typed async workflows with automatic error inference. Build type-safe workflows with Result types, step caching, resume state, and human-in-the-loop support. Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Malicious code in executable-stories-cypress (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 838176fbbb9290f1ee55af50cd6e292d461f33565a675a6e965bbe50d3b6c3ec No concrete installer-harm evidence was identified in this version of executable-stories-cypress. No lifecycle hook payloads, hardcoded exfiltration...
Malicious code in @forjacms/sections (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c21dd7e7453f68aa7240f5ec40de3a37683b0a9655d0218a094c528e042766f The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
MAL-2026-5196 Malicious code in @ethlete/cdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 388964a1e683fdb11adf39ffe9b97f4114b9bcd9547f941d27adb4fccff22add The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
MAL-2026-5253 Malicious code in executable-stories-init (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf8558677662bfcde2a5014a6ab8947b18228abb9415a5e41a964bcf5f5dd985 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
MAL-2026-5245 Malicious code in effect-analyzer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05b6ba1ec02dea0ff73e03c34e3fc37cf4982f156578e03e50909b4d1c8ccc47 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
MAL-2026-5216 Malicious code in autotel-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9746e4768872ec865677aee5e0616ec2bddc7d5d26e9c58bffd5541533612d7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @ethlete/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59b70ddfa1fae6a08ce80a1c1f924e904dde1534eeb55d9fdcdfa9651a89b8e0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
MAL-2026-5239 Malicious code in awaitly-visualizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7f392622f2aeb9a1cd98719278777d45ea44442e6f3979175ed8d8b6f8a0389 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...