1250 matches found
Malicious code in @edgecommons/edgecommons (npm)
The @edgecommons/edgecommons package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name uses an '@edgecommons' scope that mimics the internal/private package naming convention of a...
MAL-2026-10764 Malicious code in syft-acp-atoms (npm)
The syft-acp-atoms package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the 'syft-acp' internal/private package naming convention an ACP component library of a target...
Malicious code in syft-acp-core (npm)
The syft-acp-core package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the 'syft-acp' internal/private package naming convention an ACP component library of a target...
Malicious code in @edgecommons/streamlog-node (npm)
The @edgecommons/streamlog-node package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name uses an '@edgecommons' scope that mimics the internal/private package naming convention of a...
MAL-2026-10766 Malicious code in syft-acp-uikit (npm)
The syft-acp-uikit package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the 'syft-acp' internal/private package naming convention an ACP component library of a target...
MAL-2026-10763 Malicious code in @edgecommons/streamlog-node (npm)
The @edgecommons/streamlog-node package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name uses an '@edgecommons' scope that mimics the internal/private package naming convention of a...
MAL-2026-10765 Malicious code in syft-acp-core (npm)
The syft-acp-core package was published to the npm registry by user 'ada8877' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the 'syft-acp' internal/private package naming convention an ACP component library of a target...
Malicious code in pylogora (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfecc686b83d148b0b68acd99fe38f484c035c5b9c59fb7623378866e8e307cc pylogora/init.py invokes a at module top level, so any import pylogora triggers the payload. a base64-decodes hidden URLs and filesystem paths,...
Malicious code in home-mp-commons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 885b9dad73e9eeb07a1fcb4a94493ec85573f656f7b9347a8682f56db359cfd6 [email protected] is an empty npm package declared main index.js is absent from the tarball whose sole effect on install is to resolve a single...
Malicious code in chat-adapter-zoom (npm)
The chat-adapter-zoom package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Zoom...
Malicious code in slds-lsp-client (npm)
The slds-lsp-client package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Salesforce SLD...
Malicious code in salesforce-vscode-slds (npm)
The salesforce-vscode-slds package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a...
MAL-2026-10234 Malicious code in slds-lsp-client (npm)
The slds-lsp-client package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Salesforce SLD...
MAL-2026-10228 Malicious code in chat-adapter-zoom (npm)
The chat-adapter-zoom package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Zoom...
MAL-2026-10232 Malicious code in salesforce-vscode-slds (npm)
The salesforce-vscode-slds package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a...
MAL-2026-10212 Malicious code in vuln-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8bd105bf3b12062f312b41f2a1eead5e8481f8d3749fc78bc79ed8675c11394 On npm install, the package's preinstall script triggers a DNS lookup to a unique subdomain of oast.fun fabekzbnjtufpffkzzmvjvi5eafhny3ok.oast.fun, a...
Malicious code in fury_frontend-andes-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29bea4f118854efa6568545722d7210a76e06e64cad4036e0cc0b45c45aafe37 The package's postinstall hook auto-executes index.js on npm install. The script collects the installer's OS username os.userInfo, current working...
MAL-2026-7024 Malicious code in none123s (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c28e7ef260830adb9561488c487960b12e00bd6939daf8ed8e3a239ec9530699 package.json declares a prepare lifecycle script node index.js || true that auto-executes on npm install. index.js reads canonical installer-secret...
Malicious code in tme-xca (npm)
The tme-xca package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a 'tme' Travel Mall /...
Malicious code in enbd-react-lib (npm)
The enbd-react-lib package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization an 'enbd' interna...