176 matches found
Malicious code in ishowfeet13 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20bca534c9132e075eb12129f9986f32127805ef4e81a801de877aaf3a9bda6e The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in mchain-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5249b7e6ec4cba8f4a3b2d332ec69069c1ca39eabec04a1372500ea25952280 package.json declares a postinstall hook node./src/core/index.js. That module immediately runs a top-level async IIFE that base64-decodes a URL store...
Malicious code in clavue-agent-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 399c0d2f1fabfa46b35810b70797862a0fd469076fa9496549237ab413ccada2 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6949 Malicious code in vps-adapter-core (npm)
The package 'vps-adapter-core' is a purpose-built malware package published by the npm account 'srm0rgan' [email protected] as part of a coordinated campaign of fake 'Paperclip' VPS-maintenance adapters siblings: paperclip2, vps-maintenance, vps-maintenance-paperclip-adapter, paperclip-host-util...
Malicious code in @finantix/webcomponents (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78f0e6feec707d8b1faaf2926aaeeb7ffc74ba086a917eecd010988211e91de5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @mastra/github-signals (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e263abbd9ed9975f3f8aaecfd1a780616bc3aef00238ed9ba9075b5bf4e38f37 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89ab661f926db8827cca977fedce8cae92cf025babad8825c2e43467121a5c26 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5950 Malicious code in @mastra/hono (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38c7b04ac71f0c234ec7105176bed53c8b893cdd89fd72465733787456601d0c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5873 Malicious code in rbac-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfd069b5aee6494b5fb19754ecc7a98fd39d282a9ea458c46e0bd7045e2c19cb The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in prettier_v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52d6c46e6d7e7ba0269dbb3d9725b5943d1b4b94ac2587a5738983cb93d8e1cf Package name 'prettierv2' closely resembles the widely-used 'prettier' formatter package, raising typosquat concerns. The file lib/mirror.js contains...
MAL-2026-5666 Malicious code in downlynpm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a04b70a8d532cead70309fd97fc63afc3e1e3a411443076da4d90d2cb4b9bc5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5657 Malicious code in @iobeya/spa-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9a974281dcc6456d815e6cb8b755c3084c7ba2d4026264474e459681a9a25cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5309 Malicious code in nodemon-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51b598671d8b4d96e826035c56685f7064e10dbcf7cf150e7ab4b2bd9194ad9a Package is published as nodemon-lint but its package.json, README, bin name nodemon, homepage nodemon.io, and source tree are a verbatim copy of Remy...
MAL-2026-5102 Malicious code in @ewfewfewf/testhackerrr (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47e70cb260a34952bd8dabf1cbb510efbc9072e3d809a03deec32a70745e4d3d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4302 Malicious code in auth0-aspnetcore-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a65e2c9bb72bed2f85cc5ce144070401adc82275fbdceee1345e245bd8b69dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in atlassian-marathon-asset-pipeline (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d32d9c71cf7460230bdc7da7e9c9cddc9618a5ca53a66adde25fb5a3e588418 The package atlassian-marathon-asset-pipeline was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tanstack/router-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bbe10ec33a8ef57cbee1293be08884f598f604cc51b69f3eed2d17217efd462d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3466 Malicious code in @tanstack/react-router-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2583e447a99e68ab9e3a7562a7a9693e1c09de387a824f47a07f325e3b5b4d39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-2672 Malicious code in ahmed_salem_ph (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45bfa2da9e04507b1c6e4fbde5f9ce1d57ce0f499596b2fafc61afb4d544fc4a The package ahmedsalemph was found to contain malicious code. Source: ghsa-malware 911051e187786828f6d65957478aad7f1c354940c6ee7f425dc8a779e4c9e039 A...
Malicious code in bs58-basic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56502a3bb31374f7cf0d79d8abc98ccac595ca94fe2b9720daeeb9217901c9e0 The package bs58-basic was found to contain malicious code. Source: ghsa-malware 5101b36fd690268aa870c7d458d29e404540f3d3cc29dd19404137ca9f618f56 Any...