1968 matches found
Malicious code in loader1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9578c2db9f9fd58bb7b743e3ca8581aa21f4632bb965dcb53b7a4aaa02e5667 The package ships a single index.html declared as main whose only behavior is to fetch...
Malicious code in sync-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37fba87304c3a7ede2f03b87c89b49a3fb9b7f201befbaf79312da2cce65abc4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in relative-time-live (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ffd93ad946d5607c42e226106c1f1b33370e92e92cf0a407928b7349523fec4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10468 Malicious code in nodemon-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf8b1d5b3dd215c6c8d726b73ad11fbb29e7285da9a7e88854552931f750d437 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in nodemon-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf8b1d5b3dd215c6c8d726b73ad11fbb29e7285da9a7e88854552931f750d437 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in abuden26 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 440fa1b32d35cf2c41253e2fd1f63095ea65ac7733fa48edc9abef43877659c7 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in bismillahitidakimas (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbdeeb9f66b286397502ebf5d67dacf17f4cc4f58917fa9d201d799bb99c3e2c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in sixseven4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dfd6ff82b27df8c8ecd3520e70b720e0ff6e6f4443e21d1230acebdfd032b6d The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...
MAL-2026-10387 Malicious code in thebigyahu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eb60a0e719514988070d96c3cedea8d918edccef68203afe3cda86635c607de The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10298 Malicious code in changiairportpromax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13ab194f6c4e1d4197856c229f74ebf46e7eb90ff703ff4dc3172379aea96923 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in omgyesyesyes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1eeb53892156b3a1354703f4f8beb2591548726886a017ccc7129407eb128ed9 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in midnightrush (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94313bf7eca9c82a6e6e6d8f3a7230fcdf936da5ff66069639e1957b4a8d2fe3 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @kl-starfish/test-01 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b554249a85dcce61ed69ed5552bd6486b14a3ab2d72b7b243638a8ea24a8339 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in nam-os-a-man (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a483a2ae78f1f6f7d3d4da1ab74cc189f29564e002299f09c19e0d3eb41e40aa The package declares a postinstall hook that runs index.js on npm install. index.js collects the installer's OS username os.userInfo.username, hostna...
Malicious code in log-upgrade (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f55c4d43e953e16c7d0325948c789e0fdf1acefaca4b47ceabf199a5288e6f82 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in metrica-chain (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acc9d835dca527dc5e6db2124ca93898cd3f4f8bf0b6589a60c0eceed23314d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in chalk-prettier (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a36409ecc80ae4c159621da4530caf78fa06d5003dd2a55e18da3ae92b434cfa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in big256-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 18f547bc04e09d0a4a99ac1e49992abd3dc35c02ad1bd963e8d0d07fd0e11464 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @lodash-en/lodash-en (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ccf4c6fcb3eb02a4b990660b8a47961f0cd393915787990149de40ee1b201a0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in tailwind-animates (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4da1c506d3ce6cb8bac934a9b51e967b8c2965de414adb1193ba38a64934a78c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...