23 matches found
Malicious code in polymarket-clob-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a40eb434e89ad381733b42cb87bd88d0da0913520a210fd4f6da175e1a115f9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5585 Malicious code in polymarket-clob-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a40eb434e89ad381733b42cb87bd88d0da0913520a210fd4f6da175e1a115f9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview polymarket-clob-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in clobprice.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in clob.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4347 Malicious code in @devcarron/clob (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in @devcarron/clob (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in polymarket-clob-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0a3a7bbeb25fb478d59cdd4b62ebb34c13e8e236505813660e81abf61e74ec The package is published as polymarket-clob-client, an unscoped lookalike of the legitimate @polymarket/clob-client maintained by Polymarket, but the...
MAL-2026-4643 Malicious code in polymarket-clob-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0a3a7bbeb25fb478d59cdd4b62ebb34c13e8e236505813660e81abf61e74ec The package is published as polymarket-clob-client, an unscoped lookalike of the legitimate @polymarket/clob-client maintained by Polymarket, but the...
Malicious code in clob-client-sdks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d71cb09660dc0e81eb08d723da80d7cbe9f2390137596cfead83820db53f0674 The package clob-client-sdks was found to contain malicious code. Source: ghsa-malware 2ff610e554b6569926182810264eb97b765d9c2fde7e3a53fc3c8e16388b79...
MAL-2026-1942 Malicious code in clob-client-sdks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d71cb09660dc0e81eb08d723da80d7cbe9f2390137596cfead83820db53f0674 The package clob-client-sdks was found to contain malicious code. Source: ghsa-malware 2ff610e554b6569926182810264eb97b765d9c2fde7e3a53fc3c8e16388b79...
Malicious Package
Overview clob-utils-sdks is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-1943 Malicious code in clob-utils-sdks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f20ec3dfbb49223ad3bda64fdd9d0af3f65ea9e3c972fc04ad497f4ff39f30b9 The package clob-utils-sdks was found to contain malicious code. Source: ghsa-malware fea942e1b67d99fb05dcee5e06429f58255c03be72abcfd2d022c7c458f4dd8...
Malicious code in clob-utils-sdks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f20ec3dfbb49223ad3bda64fdd9d0af3f65ea9e3c972fc04ad497f4ff39f30b9 The package clob-utils-sdks was found to contain malicious code. Source: ghsa-malware fea942e1b67d99fb05dcee5e06429f58255c03be72abcfd2d022c7c458f4dd8...
Malicious code in @polymarket-developers/clob-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 345ca83f0d4f9589714459a50b08e9f733a7d56bbb131b029748ad244a2d447b The package @polymarket-developers/clob-client was found to contain malicious code...
MAL-2026-1635 Malicious code in @polymarket-developers/clob-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 345ca83f0d4f9589714459a50b08e9f733a7d56bbb131b029748ad244a2d447b The package @polymarket-developers/clob-client was found to contain malicious code...
`clob-sdk` was removed from crates.io for malicious code
This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 1 version published on 2026-02-20 approximately 4 hours before removal and had no evidence of actual downloads. There were no crates...
Malicious Package
Overview polymarket-clob is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in polymarket-clob (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e650fcd9e5cec151122c4e59ee9f829a9f8f3afbc998be35354879cd24f5d8bf The package polymarket-clob was found to contain malicious code. Source: ghsa-malware c6f2692198b832546ebc0a47e287ea8e976cbbacae0f1963545cb4610ddd08b...
EUVD-2026-1116
Malicious code in polymarket-clob npm...