887 matches found
Malicious code in syntax-export-extensions (npm)
The package 'syntax-export-extensions' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1518 Malicious code in ignore-html-and-css-imports (npm)
The package 'ignore-html-and-css-imports' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in @dappaoffc/baileys-mod (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee2d90dce9a6d45cb24a57cb738764c3675c7b5e6a594a15f8130938bcf5a886 The package @dappaoffc/baileys-mod was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1306 Malicious code in falcologgerinternalstate (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 183181a665c683721a6523db5e15b21f8c20c2b154b2ea57decac425f8ad44e3 The package falcologgerinternalstate was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1267 Malicious code in @shenira/baileysx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a56827739abd116eca80e92a5a3d25815c78653c0c4513433fd5c4335cb9cca The package @shenira/baileysx was found to contain malicious code. Source: ghsa-malware...
Malicious code in tether-dev-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0d07b28a3afe4c020244ad7d5415342f3d62c4436107a5d764307d102b193ef The package tether-dev-docs was found to contain malicious code. Source: ghsa-malware 57a6db50523e4b656bdec519331a0443d43f1f9ae2dd91e5e1a1ee5ab6cc5ed...
MAL-2026-1237 Malicious code in pearpass-lib-ui-theme-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ea77827543a6a72312b98aefe294d7f17ef926c74ebd096bb12a0de3a894b7f The package pearpass-lib-ui-theme-provider was found to contain malicious code. Source: ghsa-malware...
Malicious code in mqttoken (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aca93be8c1540d3f53af3e84ab54ac100f00390a05d10931f80ca2941beeb39 The package mqttoken was found to contain malicious code. Source: ghsa-malware c91a888cf7be32a16813cf296ec094ba2d56bf4706c030246a92f686bac1ea2c Any...
MAL-2026-889 Malicious code in responses-starter-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83a4aedeb600114d998f8a0351978f589d1d3e9d55ebe061e7d25e95db19d2c7 The package responses-starter-app was found to contain malicious code. Source: ghsa-malware...
MAL-2026-859 Malicious code in systemtest-network (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8fadd3f7e7470daeb4e977c85dbe226a9225b2c4eae6c269a4d85fc01e96681 The package systemtest-network was found to contain malicious code. Source: ghsa-malware...
MAL-2026-828 Malicious code in @reimorg/config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b715386d6331820f6ad234559c9b38d82c81bd4e0ff2ba695a8f509a4a0b9d81 The package @reimorg/config was found to contain malicious code. Source: ghsa-malware 01b3357726455a4a24aecc9b4255f7ea96cab434482b28a50e5d48f06e3cf1d...
Malicious code in @rsgweb/modules-core-www-page (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23f1da0ba801a44eed5b3b909bc1630a6580ea6cd05677e6e0f4c1b2088d4e3b The package @rsgweb/modules-core-www-page was found to contain malicious code. Source: ghsa-malware...
Malicious code in ongose (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba1779f3d5601055650bab2b59f56ba51bc92366ccd49d815010ef67839f1257 The package ongose was found to contain malicious code. Source: ghsa-malware da279e18ef68f92cc1f02d94f9be7149d4664988f627ff7efbfcda617a237761 Any...
Malicious code in mongooose_update (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0077f550d3b03f4fbc6ea54a833c0e5e80aba58bec307a6720065e7d08fafd12 The package mongoooseupdate was found to contain malicious code. Source: ghsa-malware f8f7054ae7149c28576adb91e81dabf2d46ed622ff6cb5d7ae81fec89a6d027...
MAL-2026-691 Malicious code in fingerprint-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 997a54dfe51f4c241904489b2db6fdc90f9da761dfaeb5f4e98747f508d4a78f The package fingerprint-stitch was found to contain malicious code. Source: ghsa-malware...
MAL-2026-670 Malicious code in aligned-array (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2e1b553bdbf785a336d224d5d3594c204455937469510cdbc423519287b2360 The package aligned-array was found to contain malicious code. Source: ghsa-malware ea83ead9b32cbe9a0c64af15ea5b84c39dad6ba94e7688ec712ceb8d1b2e8185...
Malicious code in aligned-array (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2e1b553bdbf785a336d224d5d3594c204455937469510cdbc423519287b2360 The package aligned-array was found to contain malicious code. Source: ghsa-malware ea83ead9b32cbe9a0c64af15ea5b84c39dad6ba94e7688ec712ceb8d1b2e8185...
MAL-2026-647 Malicious code in react-native-expofp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4359b8fd752707d568aa82cc795ecb3a73be0444e93f02795686a048bc2de8a1 The package react-native-expofp was found to contain malicious code. Source: ghsa-malware...
Malicious code in @pukpuk1/somsodamsd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1fe2dc16d3713a1dcc39d8fe68cd5a522648569a02d75fedfc83534792701b2 The package @pukpuk1/somsodamsd was found to contain malicious code. Source: ghsa-malware...
Malicious code in chai-as-hashed (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f41b3bfa5c5bc9d3d747e0e36e6ac8139a2735004b33987b7c3706562f0a0246 The package chai-as-hashed was found to contain malicious code. Source: ghsa-malware 0f0e1b090cb9db7ad2687185748d227939549417c35f6cf08d5ec1e7c001b37b...