7 matches found
Malicious code in polymarket-trader-apis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54436b6dea3d66e295c1ca82184b4f4b904d8441a68e77845f37cbb039c5f3c9 [email protected] advertises itself as a Polymarket trading helper but its main entry is a remote code loader. The default-exported...
MAL-2026-6433 Malicious code in rstreams-shard-util (npm)
The rstreams-shard-util npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...
Malicious code in rstreams-shard-util (npm)
The rstreams-shard-util npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...
Malicious code in @antv/l7-utils (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
Malicious code in @antv/g-webgpu-engine (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
MAL-2025-191424 Malicious code in shell-exec (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec827763d5d35bb7fe06832d19091679dbafd7a46c4ac4891abf44bd656d2795 The package shell-exec was found to contain malicious code. Source: ghsa-malware 23f9910c5869fcb7ab6c5cc5c231c47e73e39735d9b9d1abf55109e19585f0a4 Any...
Malicious code in debug (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 558d1dda312e85212121f4ed15340349f780f5e40d6685c3687648bbb2924381 Any computer that has this package installed or running should be considered fully compromised. All...