3 matches found
Malicious code in @sellerly-kit/amazon-token-connect (npm)
The package @sellerly-kit/amazon-token-connect was found to contain malicious code...
MAL-2025-9293 Malicious code in @sellerly-kit/amazon-token-connect (npm)
The package @sellerly-kit/amazon-token-connect was found to contain malicious code...
Embedded Malicious Package
Overview @toptal/picasso-forms is a malicious package. through the preinstall and postinstall scripts. A potentially compromised account operating in Toptal's GitHub organization exposed an AWS token, leading to the account being taken over. This allowed the attackers to expose private...