20 matches found
Malicious code in clobprice.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in clob.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in @devcarron/clob (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4347 Malicious code in @devcarron/clob (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4643 Malicious code in polymarket-clob-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0a3a7bbeb25fb478d59cdd4b62ebb34c13e8e236505813660e81abf61e74ec The package is published as polymarket-clob-client, an unscoped lookalike of the legitimate @polymarket/clob-client maintained by Polymarket, but the...
Malicious code in polymarket-clob-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0a3a7bbeb25fb478d59cdd4b62ebb34c13e8e236505813660e81abf61e74ec The package is published as polymarket-clob-client, an unscoped lookalike of the legitimate @polymarket/clob-client maintained by Polymarket, but the...
Malicious code in clob-client-sdks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d71cb09660dc0e81eb08d723da80d7cbe9f2390137596cfead83820db53f0674 The package clob-client-sdks was found to contain malicious code. Source: ghsa-malware 2ff610e554b6569926182810264eb97b765d9c2fde7e3a53fc3c8e16388b79...
MAL-2026-1942 Malicious code in clob-client-sdks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d71cb09660dc0e81eb08d723da80d7cbe9f2390137596cfead83820db53f0674 The package clob-client-sdks was found to contain malicious code. Source: ghsa-malware 2ff610e554b6569926182810264eb97b765d9c2fde7e3a53fc3c8e16388b79...
Malicious code in clob-utils-sdks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f20ec3dfbb49223ad3bda64fdd9d0af3f65ea9e3c972fc04ad497f4ff39f30b9 The package clob-utils-sdks was found to contain malicious code. Source: ghsa-malware fea942e1b67d99fb05dcee5e06429f58255c03be72abcfd2d022c7c458f4dd8...
Malicious Package
Overview clob-utils-sdks is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-1943 Malicious code in clob-utils-sdks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f20ec3dfbb49223ad3bda64fdd9d0af3f65ea9e3c972fc04ad497f4ff39f30b9 The package clob-utils-sdks was found to contain malicious code. Source: ghsa-malware fea942e1b67d99fb05dcee5e06429f58255c03be72abcfd2d022c7c458f4dd8...
MAL-2026-1635 Malicious code in @polymarket-developers/clob-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 345ca83f0d4f9589714459a50b08e9f733a7d56bbb131b029748ad244a2d447b The package @polymarket-developers/clob-client was found to contain malicious code...
Malicious code in @polymarket-developers/clob-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 345ca83f0d4f9589714459a50b08e9f733a7d56bbb131b029748ad244a2d447b The package @polymarket-developers/clob-client was found to contain malicious code...
`clob-sdk` was removed from crates.io for malicious code
This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 1 version published on 2026-02-20 approximately 4 hours before removal and had no evidence of actual downloads. There were no crates...
Malicious code in polymarket-clob (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e650fcd9e5cec151122c4e59ee9f829a9f8f3afbc998be35354879cd24f5d8bf The package polymarket-clob was found to contain malicious code. Source: ghsa-malware c6f2692198b832546ebc0a47e287ea8e976cbbacae0f1963545cb4610ddd08b...
Malicious Package
Overview polymarket-clob is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-77 Malicious code in polymarket-clob (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e650fcd9e5cec151122c4e59ee9f829a9f8f3afbc998be35354879cd24f5d8bf The package polymarket-clob was found to contain malicious code. Source: ghsa-malware c6f2692198b832546ebc0a47e287ea8e976cbbacae0f1963545cb4610ddd08b...
EUVD-2026-1116
Malicious code in polymarket-clob npm...
Dexalot Announces Launch of Its Central Limit Order Book DEX on Arbitrum
By Owais Sultan Central limit order book CLOB decentralized exchange Dexalot has announced it is launching on Arbitrum. The move marks… This is a post from HackRead.com Read the original post: Dexalot Announces Launch of Its Central Limit Order Book DEX on Arbitrum...
ORACLE to build the data file WriteWebShell collection-vulnerability warning-the black bar safety net
author: kj021320 Reprint please indicate the source In fact, similar to the ORACLE such a powerful database, really not necessary with this soil the way SQLJ stored procedure write file can also be forced to helpless the other machine does not support SQLJ and UTLFILE package is also to kill? Tha...