Malicious code in weavedb-contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a...

MAL-2026-5192 Malicious code in weavedb-contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...

Malicious code in weavedb-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3017d9faf2f1f8a8973162392159e8d185b9c676555d406da261e67cd95395e8 package.json declares "preinstall": "./src/deps.ts", but src/deps.ts is not TypeScript — its first bytes are the ELF magic \x7fELF\x02\x01\x01,...

MAL-2026-4720 Malicious code in weavedb-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3017d9faf2f1f8a8973162392159e8d185b9c676555d406da261e67cd95395e8 package.json declares "preinstall": "./src/deps.ts", but src/deps.ts is not TypeScript — its first bytes are the ELF magic \x7fELF\x02\x01\x01,...

MAL-2026-4727 Malicious code in weavedb-warp-contracts-plugin-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a98f87e329831590a7416ca47a949a7b21cf8e948491e875d8359ca8d5cc5959 package.json declares "preinstall": "./tools/setup", which is a 976 KB Linux x8664 ELF binary shipped in the tarball with no source, no build system,...

Malicious code in weavedb-warp-contracts-plugin-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a98f87e329831590a7416ca47a949a7b21cf8e948491e875d8359ca8d5cc5959 package.json declares "preinstall": "./tools/setup", which is a 976 KB Linux x8664 ELF binary shipped in the tarball with no source, no build system,...

Malicious code in weavedb-console (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cb1233d729c7aefcbe9024196bb4af52f78854aa5ed7f46afb4fa9cd59918c1 package.json declares "preinstall": "./src/compiler/native", which auto-executes a 976 KB stripped Linux ELF binary on every npm install. The binary ...

MAL-2026-4717 Malicious code in weavedb-console (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cb1233d729c7aefcbe9024196bb4af52f78854aa5ed7f46afb4fa9cd59918c1 package.json declares "preinstall": "./src/compiler/native", which auto-executes a 976 KB stripped Linux ELF binary on every npm install. The binary ...

Malicious code in weavedb-sdk-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40b4b0c5f79c0370a77c3b559b70389ffee591aa22c76ca15c4077fe95b5078e package.json declares "preinstall": "./bin/install-deps", pointing at a 976KB packed Linux x86-64 ELF binary shipped in the tarball sha256...

MAL-2026-4724 Malicious code in weavedb-sdk-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40b4b0c5f79c0370a77c3b559b70389ffee591aa22c76ca15c4077fe95b5078e package.json declares "preinstall": "./bin/install-deps", pointing at a 976KB packed Linux x86-64 ELF binary shipped in the tarball sha256...

MAL-2026-4718 Malicious code in weavedb-exm-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78ab05b11a1c784b066c89ffaff7bdf3a3351c611818e1d310cf718a64f20aec package.json declares "preinstall": "./vendor/setup", causing every npm install weavedb-exm-sdk to execute vendor/setup — a 976,568-byte Linux x86 EL...

MAL-2026-4690 Malicious code in test-weavedb-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3bf1d859670570df6b5400c4ae762c8de880ada809bb4c371f32339744b8f9d Package name impersonates the legitimate weavedb-sdk; lib/index.js is a near-verbatim copy of that SDK's Arweave/Warp/EthCrypto class so the package...

Malicious code in test-weavedb-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3bf1d859670570df6b5400c4ae762c8de880ada809bb4c371f32339744b8f9d Package name impersonates the legitimate weavedb-sdk; lib/index.js is a near-verbatim copy of that SDK's Arweave/Warp/EthCrypto class so the package...

Malicious code in weavedb-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 469844df44557b10f865edf7d3d000fd90c901c6a42cc5402116247dca1528f0 package.json declares "preinstall": "./scripts/postbuild". The referenced file is not a script but a 976,568-byte UPX-packed Linux x86-64 ELF binary...

Malicious code in weavedb-offchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d267c34e35dca7091a9ab01d22a9c0a4cfde364531b8017f15f4a09785381198 package.json declares scripts.preinstall: "./.github/scripts/precheck", where precheck is a 976,568-byte stripped Linux ELF binary sha256...

MAL-2026-4722 Malicious code in weavedb-offchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d267c34e35dca7091a9ab01d22a9c0a4cfde364531b8017f15f4a09785381198 package.json declares scripts.preinstall: "./.github/scripts/precheck", where precheck is a 976,568-byte stripped Linux ELF binary sha256...

Malicious code in weavedb-exm-sdk-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3992f423f88c69e8c00223cc0ef81f970b8e178f1854beb00ef443586302ad89 package.json declares "preinstall": "./bin/install-deps", which runs a 976KB UPX-packed Linux x86 ELF binary on every npm install. The package...