MAL-2026-5112 Malicious code in @redhat-cloud-services/eslint-config-redhat-cloud-services (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

MAL-2026-3522 Malicious code in @uipath/access-policy-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87fb4a7ca8257b97a21e311c9322a63b2691136e87c6a8ce12cc648890849f76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3491 Malicious code in @tanstack/start-static-server-functions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb21ff47aa0e512d1f67b02a37d160b475e32fcaa76bea381298a976c3bdd673 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @bcs-mi/store (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32fb1f804a47c0e11e62bab82cc978af199c0517a91965fb2bfd34f226237d34 The package @bcs-mi/store was found to contain malicious code. Source: ghsa-malware cc97afe6281e170826ea8ad4c189a9d5bb874fe69ca97da0e2bbdf327e33ba91...

MAL-2026-2589 Malicious code in @mx-shared/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80722921f3ba7863b8f28031aa4edf777ce8e270fab10bcead75016a286cb125 The package @mx-shared/utils was found to contain malicious code. Source: ghsa-malware 30ead10eaa18cee42152061c23ee9a84c465e687911f78dd1ae0c613f1c2b1...

MAL-2026-2045 Malicious code in @emilgroup/customer-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ffdd49f845d5d16e6b17778217c493abdb71d809aa288b93b59e69582119c91 The package @emilgroup/customer-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in supplychain-security-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2655712e00f8c5bf90b5a945bc60c2fd3c109d2719ec7b161114f86343741ee1 The package supplychain-security-demo was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1529 Malicious code in require-in-package (npm)

The package 'require-in-package' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

MAL-2026-1343 Malicious code in chai-as-flex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e209e357d41cfd5d03c91f7b03e155685a36191ac79740818656d310c71390fe The package chai-as-flex was found to contain malicious code. Source: ghsa-malware 43ec01f2ce6223022a2f8808fefb3586a644577acb62fbe4184add705f616914 A...

Malicious code in tailwindcss-animate-framer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c02b4943187c442df05c485194a7946cf3243d4f95240cde866a4efc05fce281 The package tailwindcss-animate-framer was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1134 Malicious code in ts-big-number (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 644a6ea1bec80a1e6f2dd3ee69a62602237f916e6b2877e126e18d8ef5b7f691 The package ts-big-number was found to contain malicious code. Source: ghsa-malware 490d5033b9169ec80de58a0c2bb8bdbfe435f06200e0b7cc729ce393f2449d40...

Malicious code in torbaileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10e4b08c935365c992a67e45fd75888de1262836188ca5a0246ba4bae988b713 The package torbaileys was found to contain malicious code. Source: ghsa-malware 477238eba8ca0f2c24ebb88b73089608a73fdc363b248e404b66acc829c0777d Any...

Malicious code in yunxohang10 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5afa709f3be67acbb1d69b61e6897f6743d7feb8f9cb31e8b0109223c403858c The package yunxohang10 was found to contain malicious code. Source: ghsa-malware 5d4bc174ce0500df2bcfb0be9787d728083db08a933b9eb56bbe52e1cf37bfd1 An...

MAL-2026-171 Malicious code in amdocs-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8a6af3ffb67d97ff5a166cfa06c9dc841eab5d736ffbbdae5f3a693d7845be2 The package amdocs-core was found to contain malicious code. Source: ghsa-malware 19cbd66c5d36a7bcc61d3202596dea181a2782d867db3ea2cbb0e322f01b99db An...

MAL-2026-103 Malicious code in const-enum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a75bfbf64070500e046f70ab9f4422cd37764182dfa1c2d841bdbff803b4e24 The package const-enum was found to contain malicious code. Source: ghsa-malware b9e5e7ad6ed97cfa1d1a71c51090aa5350d5166494a11fa6e6c9bbdad50dfc28 Any...

Malicious code in asdfgh33 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59190dcd898218c2925fdb51e3fe1090cb928c4bd0de218b403c0f25469ff083 The package asdfgh33 was found to contain malicious code. Source: ghsa-malware 15c01c114a3291d28b718c3328ddd213e72bb0ee0976ef40070061e41f1c3e3f Any...

Malicious code in iron-shield-miniapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a7b0e4007bb817da7fd19c6ddd7f073f585337504d8ac60541b07e162398b70 The package iron-shield-miniapp was found to contain malicious code. Source: ghsa-malware...

MAL-2025-185352 Malicious code in @walletify/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47d10b25587929b2987efd39df23877c3753147c431eb456cef63e175e70588c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tailwindcss-gustify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1671650b65b4934845aada45f513b1bea7032ea94d90f9e1517e60bce563b621 The package tailwindcss-gustify was found to contain malicious code. Source: ghsa-malware...

MAL-2025-48297 Malicious code in shakti-platform (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ca52c026a7d362e8dcd8046f9322539ce61e40b0508440b211d2ac62ae0889e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...