1968 matches found
Malicious code in @tallyui/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d8c00e97e1db6523971d72b66f9fd535aebe26956574db7d6a78797a37be9b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @squawk/flight-math (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0595c498e25ed96bb0a13cf8ce777df0977f4c1580aadfddfcb0eaf1ae3d7915 The package @squawk/flight-math was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3496 Malicious code in @tanstack/vue-router-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f7c609f55255a1ab5f7fc348536514f317d138538af5ec61ef4efc5a18b9014 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @tanstack/nitro-v2-vite-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f689866f0ed8e6cf47200b7bf613dd377c407e21d5ed6b2a0caf5252e822d8ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in nf-ui-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5d1fc3aadbb204f6da1c0db37a6e1b540bdcc3964bd033d5657a067d7e246cc The package nf-ui-components was found to contain malicious code. Source: ghsa-malware 4ab8cac0b0cae1864121f4fd7223e6cb7bb0168d113ece4974f94aae4e2418...
MAL-2026-3164 Malicious code in chai-as-char (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0beb7aa3057c2e6c31e9bb9074f8ac71d5b2ad3a9f65761c0131816ab4bdb8df The package chai-as-char was found to contain malicious code. Source: ghsa-malware e12e1d019bed1dd99212206b54a611003e75acc13943eb13c8ab63cd388adc83 A...
Malicious code in @bitwarden/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6fb2336936a86f37fc2018f8e68dc9989ffc3e79aa23297bf470de178201f50 The package @bitwarden/cli was found to contain malicious code. Source: ghsa-malware 8a8c7958926d5ec3795102e9114dfaa649ae3160afb9159ec2c46f044018b776...
Malicious code in changelog-utils-structured-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59b5bb27f7c03b12e70af2a6d86b388cad7c4fdd02e8ee381f947d291ce9acd The package changelog-utils-structured-logger was found to contain malicious code. Source: ghsa-malware...
Malicious code in changelog-cli-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98a1e229322241da9d146f6aad5c96de566b2707088406fd7de40cbb69445023 The package changelog-cli-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2993 Malicious code in @openwebconcept/design-tokens (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e6761494cb35b1f5bc9024f23f67a6e896a857233d68bb56e75c683a1893391 The package @openwebconcept/design-tokens was found to contain malicious code. Source: ghsa-malware...
Malicious code in @otaxayuns/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdf26f95a3bc053fcaa8cd44b920af295f5827655316950894365e150d60f9f7 The package @otaxayuns/baileys was found to contain malicious code. Source: ghsa-malware...
Malicious code in pdf-linker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14402ea1542260a2cb6471902d5e0d037fecb136e1f2b2995b2741eb775f495d The package pdf-linker was found to contain malicious code. Source: ghsa-malware b496570e3a5a77b10f653cddc3b93d0ae974b01b253f0468a02c169c9fc0eb2c Any...
Malicious code in tailwind-typ (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b5e12d01d92bc7efe09d08aba44a4013705ac8993fbb742208b2a4904b7a31c The package tailwind-typ was found to contain malicious code. Source: ghsa-malware 43d9d60c72b77068d9d1e462d69ab2276baf8b651026670535ad3d567aaef837 A...
Malicious code in chatbotloader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78643cb5d37687c0eac0935734bac95f23c01b64ded6bb2f2f090542324042ac The package chatbotloader was found to contain malicious code. Source: ghsa-malware 88ccdb3c34d69b2e53f62caa6b7e61f32e7868fa5893d6fd6d09662189d10b34...
Malicious code in @b2b-portal/kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa5c1b32159c7e6dc9c07e663c7f8cf3b3ee24450a33289a1a79589c69906eed The package @b2b-portal/kit was found to contain malicious code. Source: ghsa-malware 20de22d7080860e2c01f3de58d2809af28e543302e49545749666efd4956c23...
MAL-2026-2653 Malicious code in pinlogger (npm)
The package is a malware due to system info exfiltration via DNS/HTTPS to OAST domains and arbitrary code execution during preinstall. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e78bb72f47ecca78511d87a17bea5f38fb4897dbc117433dfd7667cd97a51d0 The package...
Malicious code in jellyfi-pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d1230eb2336763c228ba6ac98d349f8cc64a1ae28755d8da374f336e77aa928 The package jellyfi-pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
Malicious code in base-or-engine (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2deff4ab9db147fda78b79b3687e76c9d46381670c58924f03f852518002a649 The package base-or-engine was found to contain malicious code. Source: ghsa-malware d6d4b7d60db50af8f8a9614f9ac0a742cf6472998e11e6233c6190b518332958...
Malicious code in @logcore/pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a729cc1811bd1bc1fa94404ad4bcd8376c1a29b90311fd2a89efecff51fe592 The package @logcore/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2200 Malicious code in json-lucide (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12d05056fbe7eca08a66d7297aac2b03763073361f0cb33c238a4463f64a0867 The package json-lucide was found to contain malicious code. Source: ghsa-malware 30298bc83e4bdadd246cfdec7006f865348448a5147e0a8258cd4d4feaf7b27f An...