Malicious code in blinqio-executions-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9e5a96fa18543da294b321a481fba9ad03884c6ca9387794f923c84892966be The package blinqio-executions-cli was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199186

Malicious code in blinqio-executions-cli npm...

MAL-2025-191076 Malicious code in blinqio-executions-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9e5a96fa18543da294b321a481fba9ad03884c6ca9387794f923c84892966be The package blinqio-executions-cli was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199191

Malicious code in arc-cli-fc npm...

Malicious code in arc-cli-fc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6214b07e01a7c332d90dc0c32f225b76b8a3a8733256c42038ba1a6494a1794 The package arc-cli-fc was found to contain malicious code. Source: ghsa-malware 2b66690547df94d6cac227e7ed304d7408b2344131612b96fd60575122bf7cbe Any...

MAL-2025-191064 Malicious code in arc-cli-fc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6214b07e01a7c332d90dc0c32f225b76b8a3a8733256c42038ba1a6494a1794 The package arc-cli-fc was found to contain malicious code. Source: ghsa-malware 2b66690547df94d6cac227e7ed304d7408b2344131612b96fd60575122bf7cbe Any...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Malicious code in @mcp-use/cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d5826632c7194cdf9ed00c672477f5c1c8a250a107013f1edc0b803d948e471 The package @mcp-use/cli was found to contain malicious code. Source: google-open-source-security...

Malicious code in @postman/postman-mcp-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10b1da432f0b6ecaccc97520bb9697e6dbf44b04415bd15e6ac9864c86f3b37e The package @postman/postman-mcp-cli was found to contain malicious code. Source: google-open-source-security...

EUVD-2025-198958

Malicious code in @mcp-use/cli npm...

EUVD-2025-198917

Malicious code in @postman/postman-mcp-cli npm...

MAL-2025-190867 Malicious code in @mcp-use/cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d5826632c7194cdf9ed00c672477f5c1c8a250a107013f1edc0b803d948e471 The package @mcp-use/cli was found to contain malicious code. Source: google-open-source-security...

@affinidi/cli (>=2.1.0 <=2.14.5), @auxx/sdk (>=0.0.1-experimental.1 <=0.0.13) +1 more potentially affected by unknown CVE via @postman/node-keytar (=7.9.3)

@postman/node-keytar NPM version =7.9.3 is affected by a known vulnerability. The following packages have a transitive dependency on @postman/node-keytar and may be impacted: - @affinidi/cli =2.1.0, =0.0.1-experimental.1, =1.0.0, =1.0.5 Source cves: unknown CVE Source advisory:...

postman-cli (>=1.16.0-canary.1 <=1.24.2) potentially affected by unknown CVE via @postman/pm-bin-windows-x64 (>=1.16.0-canary.1 <=1.24.2)

@postman/pm-bin-windows-x64 NPM version =1.16.0-canary.1, =1.16.0-canary.1, =1.24.2 Source cves: unknown CVE Source advisory: SNYK:JS-POSTMANPMBINWINDOWSX64-14103295...

@agent-relay/daemon (>=2.0.5 <=2.3.14), @agent-relay/dashboard (>=2.0.18 <=2.0.19) +364 more potentially affected by unknown CVE via posthog-node (>=4.0.0 <=4.18.0)

posthog-node NPM version =4.0.0, =2.0.5, =2.0.18, =2.0.5, =2.0.5, =0.59.0, =1.0.0, =0.3.0, =1.0.0, =0.17.1, =1.1.1, =0.1.6, =1.0.0, =0.7.107, =0.1.0, =2.0.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-POSTHOGNODE-14103346...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...