649 matches found
Malicious code in @hkyyy/portal-widget-helper-0601 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f72e27d8bfbf5b9bfefe661d642be934399a38031c1bee028a20ed3282e0f482 The package has no real functionality — index.js only exports ok: true — and its sole effect is to run a postinstall reconnaissance script...
Malicious code in nottuff9 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c6210eaca44901153bc909ce8f071e22124821bb4f3faaad1c2e9fb1189f46c The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in imillegal2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a225f0551d1cfdc2da755da6241bc992376b5beddd6bc0895ea816391556e985 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in bomboclatwallahi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55a7d4f08c0c79c42f9938a1c11d3d6828907fb309e582faf38065bbd04f5149 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10361 Malicious code in omglucidesotuff (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d144d98f0e90909ee371acfeeec0ad2ffe44450335ddf7f7a58f71a53dc7b107 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in na-rony (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 193f3dbfb6073e7b6c5dacb0e79157ccac9c69ac4c23d2c8270cc23d27cab699 package.json declares postinstall: node index.js, causing index.js to execute automatically on npm install. The script collects the installer's OS...
MAL-2026-6964 Malicious code in na-rony (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 193f3dbfb6073e7b6c5dacb0e79157ccac9c69ac4c23d2c8270cc23d27cab699 package.json declares postinstall: node index.js, causing index.js to execute automatically on npm install. The script collects the installer's OS...
Malicious code in annotator-harvardx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e60352f3188693c150a75a0c785e9398fd12270a4cd481c3bcb411993beffbbd The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6947 Malicious code in paperclip-host-utils (npm)
The package 'paperclip-host-utils' is a purpose-built malware package published by the npm account 'srm0rgan' [email protected] as part of a coordinated campaign of fake 'Paperclip' VPS-maintenance adapters siblings: paperclip2, vps-maintenance, vps-maintenance-paperclip-adapter, vps-adapter-cor...
MAL-2026-6884 Malicious code in syncora (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fad6a402b2081c7bd35f082e81588979985d9e4b458e0a34794e50f4acc14fd7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6855 Malicious code in next-bignumber.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 615f1e472f3fec95854738e64a4e4883676d514db833ca3bfa7a1008c0253a57 Package impersonates the widely-used bn.js crypto library: README, repository URL, logo, and source files are copied verbatim from indutny/bn.js, but...
MAL-2026-6852 Malicious code in metrica-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a0ee3435b3bf0949e63f6770b91c6bb1e2d7912054dc1cb9382e3eae20c84ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in log-format-thread (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e034e855661cc792a14908c613b0d3ae31917a99927ddf0db29b1ae173df0cd Package advertises itself as a log formatter but exposes an undocumented threadContent option on createLogger that is forwarded to a worker thread...
Malicious code in rs-biginteger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 796cb1ee4c8398963dcc192d2fc9b425866f40f7a99b467cba1d160234508617 Package presents itself as a big-integer arithmetic library and ships the verbatim big.js v7.0.1 source plus its README. Injected between the P.minus...
MAL-2026-6609 Malicious code in @contentprod-authoring/block-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa028931eef026447363bc2ef44ace207f4f3226de4289e354d26d730fa28186 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vscode-test-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c62d19484eeb938a92dfdcc6cbce9dba47e390676774254b0dc318702a214418 Package occupies the unscoped npm name vscode-test-web, a likely-misreference target for the legitimate @vscode/test-web scoped package. On require,...
MAL-2026-6277 Malicious code in search-from-search (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06e2e600c7cba50d7cc3cbff52a18f77e508ec66be3a50cd4960f84771598548 package.json registers node callback.js as both preinstall and postinstall, so the payload runs automatically on npm install. callback.js collects th...
Malicious code in @mastra/deployer-cloudflare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 134b341a4308b5afd16ffa8eaf1c28befc1ebbd10303579f674eba8c480ba0b0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/deployer-vercel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51c995bee89c27de9fc067df60d17baac74e4fec7f1682bc606694bb6f09848c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6042 Malicious code in @mastra/vectorize (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3388ddbcdb1a37e8cb864a2b4b8b7b6a1c7b3dcd00735a6f962f56432a9b0ab The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...