Malicious code in swplayer-react-sl (npm)

swplayer-react-sl is a malicious npm package that when imported downloads a C2 dropper from https://coingecko-liard.vercel.app and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb25be00997a0e21d0d5337b89729fe6c3a99c9364f8a46d4b2e2a828e845f54 The...

MAL-2026-2906 Malicious code in swplayer-react-sl (npm)

swplayer-react-sl is a malicious npm package that when imported downloads a C2 dropper from https://coingecko-liard.vercel.app and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb25be00997a0e21d0d5337b89729fe6c3a99c9364f8a46d4b2e2a828e845f54 The...

Malicious code in chai-as-chain-v2 (npm)

chai-as-chain-v2 is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-stream (npm)

chai-as-stream is a malicious npm package that when imported send all env variables to https://locate-my-ip.vercel.app/api/ip-check-encrypted/3aeb34a333, receives a C2 dropper and executes it evolution of malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=-...

Malicious code in chai-as-adapter (npm)

chai-as-adapter is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in lockedin-chai-chain (npm)

lockedin-chai-chain is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-mobj (npm)

chai-as-mobj is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/31bccfbf4ee2732207a4 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-nobj (npm)

chai-as-nobj is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/5b357f718ab4ee355003 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-encrypted (npm)

chai-as-encrypted is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/29ebd497b6f232e6b0a9 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-evm (npm)

chai-as-evm is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-use-chains (npm)

chai-use-chains is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in env_express (npm)

envexpress is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/ZK45J and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in trackora-chain (npm)

trackora-chain is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-inserted (npm)

chai-as-inserted is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/ef2875f70e59e319189d and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2893 Malicious code in chai-as-mobj (npm)

chai-as-mobj is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/31bccfbf4ee2732207a4 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2898 Malicious code in chai-str (npm)

chai-str is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/XRGF3 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2888 Malicious code in chai-as-encrypted (npm)

chai-as-encrypted is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/29ebd497b6f232e6b0a9 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in dotenv-pack (npm)

dotenv-pack is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/5b357f718ab4ee355003 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2894 Malicious code in chai-as-nobj (npm)

chai-as-nobj is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/5b357f718ab4ee355003 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Malicious code in chai-as-elevated (npm)

chai-as-elevated is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/545d3d0c167b8dde920f and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...