1240 matches found
Malicious code in @marketfront/customdealsfeed (npm)
The @marketfront/customdealsfeed package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
Malicious code in @marketfront/dynamicpageparams (npm)
The @marketfront/dynamicpageparams package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and u...
MAL-2026-6765 Malicious code in @marketfront/bannerpopup (npm)
The @marketfront/bannerpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
MAL-2026-6781 Malicious code in @marketfront/gotoauthpopup (npm)
The @marketfront/gotoauthpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
MAL-2026-6782 Malicious code in @marketfront/header (npm)
The @marketfront/header package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
Malicious code in @marketfront/devtoolsloader (npm)
The @marketfront/devtoolsloader package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
Malicious code in @marketfront/fashiononboardingpopup (npm)
The @marketfront/fashiononboardingpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0...
MAL-2026-6786 Malicious code in @marketfront/mychatspreloader (npm)
The @marketfront/mychatspreloader package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and us...
MAL-2026-6783 Malicious code in @marketfront/infopopup (npm)
The @marketfront/infopopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...
MAL-2026-6764 Malicious code in @marketfront/advertisingdevtool (npm)
The @marketfront/advertisingdevtool package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and...
Malicious code in @businessapp-microsites/apis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b70ab5da6865ec94b15097fa84836ab41f39b65a5277974b407c545d8d424c7f @businessapp-microsites/[email protected] is a dependency-confusion squat against the private scope @businessapp-microsites, published with an implausibl...
Malicious code in yastatic-s3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6abc47a32b453ee0a12ea33e7512ccdea60ed1868839e952cbeedaccd002a06 Package name mimics Yandex's yastatic static-asset namespace. On install, postinstall.js performs an unconditional plain-HTTP GET to a hardcoded...
MAL-2026-6586 Malicious code in yastatic-s3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6abc47a32b453ee0a12ea33e7512ccdea60ed1868839e952cbeedaccd002a06 Package name mimics Yandex's yastatic static-asset namespace. On install, postinstall.js performs an unconditional plain-HTTP GET to a hardcoded...
Malicious code in yandex-geobase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f6219d513896736aee31ce33719d6ae2d1f5b03293ecdfe884d944bbb3eb99a [email protected] squats the internal-sounding name 'yandex-geobase' and ships a postinstall script that performs an HTTP GET to a hardcoded bare-...
MAL-2026-6574 Malicious code in yandex-geobase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f6219d513896736aee31ce33719d6ae2d1f5b03293ecdfe884d944bbb3eb99a [email protected] squats the internal-sounding name 'yandex-geobase' and ships a postinstall script that performs an HTTP GET to a hardcoded bare-...
Malicious code in rebrandly-domains-digger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d1744d2a299b9ef0526f49b4b2297fcd6c72581c51a3359801db56318d8cfda The package declares a preinstall hook that runs node callback.js. On npm install, callback.js collects installer-side identifiers — os.hostname,...
MAL-2026-6573 Malicious code in rebrandly-domains-search-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d4464320c8530d582d35f85ce95045182d82e1dd63a830644bcb68f05bdf10e Package [email protected] is an empty module index.js exports an empty object whose package.json preinstall hook runs node...
Malicious code in ulid-xyz (npm)
ulid-xyz is a typosquat of the popular ulid library sortable unique IDs and is a cross-platform Remote Access Trojan delivered via a postinstall hook. The package.json postinstall superficially looks like an inline node -e guard that checks for the existence of a dist file, but it actually launch...
Malicious code in livekit-agents (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5abf921f58c69745fee91e812853b493a282f3d42f55db38516ba54b827ea35b The unscoped npm package livekit-agents advertises itself in README as the official LiveKit Agents SDK and links to livekit.io documentation, but the...
MAL-2026-6555 Malicious code in livekit-agents (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5abf921f58c69745fee91e812853b493a282f3d42f55db38516ba54b827ea35b The unscoped npm package livekit-agents advertises itself in README as the official LiveKit Agents SDK and links to livekit.io documentation, but the...