3 matches found
Malicious code in rstreams-shard-util (npm)
The rstreams-shard-util npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...
MAL-2025-191424 Malicious code in shell-exec (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec827763d5d35bb7fe06832d19091679dbafd7a46c4ac4891abf44bd656d2795 The package shell-exec was found to contain malicious code. Source: ghsa-malware 23f9910c5869fcb7ab6c5cc5c231c47e73e39735d9b9d1abf55109e19585f0a4 Any...
Malicious code in debug (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 558d1dda312e85212121f4ed15340349f780f5e40d6685c3687648bbb2924381 Any computer that has this package installed or running should be considered fully compromised. All...