3 matches found
Malicious code in @ts-internal/shared-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7afc836ea4b9ecc7e09f0add976470f1b4e253f8b5b53b3ce706889efb349171 The package squats the internal-looking scope @ts-internal/shared-lib on the public npm registry and runs a network beacon both during install...
MAL-2026-5857 Malicious code in event-metrics-q3x7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b805c0ac88b45f49b1698fb9ea33e00767380544221d574a0da0e0f526d07f8 On install, package.json runs a postinstall hook node run.js that triggers beacon scripts beacon20.js, beaconlinux.js shipped in the tarball. The...
Malicious code in exodus-secure-container (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92bc77b12251baa18392bd90e84d6bdc57aaef9a8c774f8cb29a0066e80f76b5 On npm install, the package runs node src/canary.js as a postinstall hook. That script performs a DNS lookup and HTTPS GET to the hardcoded host...