9219 matches found
Malicious code in express-deflect (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 284d3f4c5f55f69391b1172ba9d2c714e3ae358a2c92a501049a1495547e1588 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in chai-spycore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbb99516f251bbd13baae5273239a6a04acefea76ddf1a7b06f4b5a328339dae Package republishes the chai-spies Chai plugin source verbatim including original author header under the near-identical name chai-spycore...
Malicious code in paperclip-host-utils (npm)
The package 'paperclip-host-utils' is a purpose-built malware package published by the npm account 'srm0rgan' [email protected] as part of a coordinated campaign of fake 'Paperclip' VPS-maintenance adapters siblings: paperclip2, vps-maintenance, vps-maintenance-paperclip-adapter, vps-adapter-cor...
MAL-2026-6949 Malicious code in vps-adapter-core (npm)
The package 'vps-adapter-core' is a purpose-built malware package published by the npm account 'srm0rgan' [email protected] as part of a coordinated campaign of fake 'Paperclip' VPS-maintenance adapters siblings: paperclip2, vps-maintenance, vps-maintenance-paperclip-adapter, paperclip-host-util...
MAL-2026-6905 Malicious code in winston-prism (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06134c2a9c642914c91312e4d0184158fda282ec1bb3715fc143e7834993e266 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in twcompose-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 096d151917a14021013de8dbd595466944a677be49ee8ca4b3ed94de63d85cd9 The package's main entry point src/index.js contains heavily obfuscated JavaScript at line 138 using a classic string-array shuffle pattern while!!...
MAL-2026-6899 Malicious code in twcompose-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 096d151917a14021013de8dbd595466944a677be49ee8ca4b3ed94de63d85cd9 The package's main entry point src/index.js contains heavily obfuscated JavaScript at line 138 using a classic string-array shuffle pattern while!!...
Malicious code in competion (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7977f7cd8dcf35f17c8745de465b35f920055be22dbb883dda7abf2e978ef0e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in tracing-str (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 466143b5f195d4924e2227921a288954ecec9ed34d52af8ff433056f5ff56903 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6830 Malicious code in color-cli-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43d15f0d189a3dff03fe5549073cad30c2c0d648e6b1b12d1385689c84c6888c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6894 Malicious code in tracing-str (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 466143b5f195d4924e2227921a288954ecec9ed34d52af8ff433056f5ff56903 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sleek-pretty (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba44435dd6e0686c11ff8a9e27c60eef2f2fbdbcdbd0c3936d1f07cc78d38090 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pretty-pino-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8a3122c1ab14fbe9f5eb55c0b5ba1db0c7b8e47ecc4d935b758d6bf679821e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6867 Malicious code in pretty-pino-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8a3122c1ab14fbe9f5eb55c0b5ba1db0c7b8e47ecc4d935b758d6bf679821e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pino-pretty-logs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7864fcfe92b62b2ddc003e696cbe02d18e0979f4336bff4cc9352f318b260fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6848 Malicious code in log-format-thread (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e034e855661cc792a14908c613b0d3ae31917a99927ddf0db29b1ae173df0cd Package advertises itself as a log formatter but exposes an undocumented threadContent option on createLogger that is forwarded to a worker thread...
MAL-2026-6837 Malicious code in eth-tick (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f96638eb8282b1eccbe4d7c1b1076340ac1b870d325856e2ad5415c2bf2737eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bootstrap-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9ac4913fc1ffcabe1ed6637abc6d532abc014683f48b341ece6127a51da15d8 The package's index.js is heavily obfuscated with classic string-array shuffling patterns e.g., while!! loops with repeated 'shift' calls and...
MAL-2026-6816 Malicious code in emojiprint-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f6cbf02130e84c5829369887b3e109fbf7ad94e2fbf4b4b2ca82c28f0059a7ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6809 Malicious code in chalk-logger-prettier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 575cc2964157bd7bee9bc0c7b318af484ea57a2d89a904cd8fe8bf978809f06f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...