110 matches found
MAL-2026-3723 Malicious code in npmjs_solc-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b789c7234e3c391e6e2f6359d87f873205fb341c1bf186194815b16d53c7fa71 The package.json defines a postinstall lifecycle hook that invokes childprocess.exec to run curl -s...
Malicious code in afk-react-intl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 807b3bc717a7c8f60ecb69d7653fd0942431e9e6adf27cb34e2f68b4bae06cec The OpenSSF Package Analysis project identified 'afk-react-intl' @ 99.99.99 npm as malicious. It is considered malicious because: - The package...
MAL-2026-1295 Malicious code in tabformerlite (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 24a23931f60d9a2daf27a6df2eff2f3102cb239f6d058bed6646d208787f0c5b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-192680 Malicious code in escaux-scrumboard-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2d3a9c35af8fd074327c2b67262963aa30c1d92abbee4132456ef354f51140e The package escaux-scrumboard-api was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @ikarem/telemetry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e43d2a07b55a1387aa741edace01850ec9f79a58baac8ee1897610e2b8e77cb8 The package @ikarem/telemetry was found to contain malicious code. Source: ghsa-malware...
Malicious code in elf-stats-northbound-sparkler-410 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f08736c2162a48e541984d90b3b871f1be3f37ce290cb43fce03b7af871d6804 The package elf-stats-northbound-sparkler-410 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in elf-stats-mulled-nightcap-782 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1754b82eccb103258150db62b62845428519c343aa46a0337610f74344af221e The package elf-stats-mulled-nightcap-782 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-192273 Malicious code in elf-stats-merry-cookiejar-139 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3caac305a579d5472a74cce76854b64c309a81144123fd91b346199e6298009b The package elf-stats-merry-cookiejar-139 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-190600 Malicious code in optly (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0772e230f188de88a82becfa6493f2c39c36e63290339595308366a84154a56 The package optly was found to contain malicious code. Source: ossf-package-analysis e70192025ea0e8c030d0adbe15f6c3272271f3b25cb13eedfb8136da48c9a29a...
Malicious code in node-calculator-1b6e (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9836f0c7c84a6804c063c9e845dd05381413f1c6c9fe2b6d8e1d70473a80a456 The package node-calculator-1b6e was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-49095 Malicious code in create-response (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 242fbf21e70f13fac07ad9415ae43d91bc17823a931c07c5143ae7f7119a2b24 The package create-response was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in codat-snippets (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-47121 Malicious code in hrprce (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in com.revenuecat.purchases-unity (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9409a3b3ea8cbed10c1c8e9ee79e134487117b36b0280c2190576e79e6387b60 Any computer that has this package installed or running should be considered...
MAL-2025-42029 Malicious code in mpesa-backoffice-frontend (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-41340 Malicious code in typescript-5.8 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e5beba7c2e6c6b468d2708bf24ba287dcdd016c8345420d5535bf883e8158af9 The OpenSSF Package Analysis project identified 'typescript-5.8' @...
Malicious code in rush-c (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 87ef3df74ad4f8e39b88d949f7728ee14fe93ba9ff8edb5efa5ca9a154630504 The OpenSSF Package Analysis project identified 'rush-c' @ 99.0.9 npm...
Malicious code in remark-cross-site-link-plugin (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8c7fd443fcaba7627f28aa45f16610fef8703f54b0f2dad9c22642c2d428a278 The OpenSSF Package Analysis project identified...
Malicious code in package-extractor-test-02 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 697a859ea4113bd747e08d7e374aff232885ac108926a2f0b8be99612d3e67d0 The OpenSSF Package Analysis project identified...
Malicious code in guppy-dev (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b56a4d108a100f12dd3aedb0e1f0f3b8007ecc181e366198a22242473696f219 The OpenSSF Package Analysis project identified 'guppy-dev' @ 2.0.0 n...