554 matches found
Malicious code in token-usage-tracker (npm)
Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...
MAL-2026-3519 Malicious code in @tallyui/theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 34578fa5c77db2b21dd15d3357fc2b7c4d36a2ce4d1d44f86daa5c04561d662c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in in-app-marketing (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d475c46e8eda7ca153485336dce8c0b7d3bf8e3ea31a871232bc815438bc140c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-2061 Malicious code in @emilgroup/tenant-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d887c661a1552423bf923bf1028ef4aabb762dc2fa329db39e8b4552ce32803 The package @emilgroup/tenant-sdk-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in npm-demoo-1111 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c2199a37f518fbd8345def58b16a83c07aaf6aae9b837f6ec6d96a179f97849 The package npm-demoo-1111 was found to contain malicious code. Source: ghsa-malware 12073b21cd21241e9d8a004221c9e22d323091d95e7b5b9bdde2f1b20883aea4...
MAL-2026-1416 Malicious code in twitch-security (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f99261d9b844b178048388c92a488b23fa3bf806bbedbcc40108cb97f0b7087 The package twitch-security was found to contain malicious code. Source: ghsa-malware f46d2713d7df72180db5cb77dcd0cefbbffa8baa5a245e376ab250a84d29fc2...
MAL-2026-750 Malicious code in dspmobile (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcd390d34dbfd7246c65b551f8b71dfaba4b78fa438e818cab41a0ea35716c21 The package dspmobile was found to contain malicious code. Source: ghsa-malware 73466b34e7f0da321f410baa9db15370fbf0563af429ef587315608e3507f2b6 Any...
MAL-2026-556 Malicious code in digital-music-dynmsg-ribbon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 539cc4d9f61bd9add970da883b5bd746b0b08614fbf948e143e6a35c606e593f The package digital-music-dynmsg-ribbon was found to contain malicious code. Source: ghsa-malware...
MAL-2026-424 Malicious code in plugin-react-swc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 197cedd065670a6a39b4401d52b2a636d5ff18f26c378b571770286a807ec467 The package plugin-react-swc was found to contain malicious code. Source: ghsa-malware cba9afea98505469e9b9f36095ab566e5cd857b54255290d9defa67c40c62a...
Malicious code in test-thegenetic-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a1aa78e95a98adc8d2ce9a727c53e49e1a1cd5d91a052d5aadcb2ead7afe050 The package test-thegenetic-module was found to contain malicious code. Source: ghsa-malware...
Malicious code in yellowdiscordlookup (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a458f47de1b6a86fa1139c7fa7def7c0035d181b6db01d635374e0e6058893a9 The package yellowdiscordlookup was found to contain malicious code. Source: ghsa-malware...
MAL-2025-192650 Malicious code in viktorparserctf4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00678c1855d2692f49a5643aecec33c4181e61a390c1852ee6b7200f0c2f3ca1 The package viktorparserctf4 was found to contain malicious code. Source: ghsa-malware 0961c05d572349a1c68d499506c8317678a9f123ebbeaf7540186a8cbf6f87...
Malicious code in sdbao-content-sems (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 050ceeb8145a6cac66b0539a7be8d50c66979cd72b54055f3c49c0c40823fd6b The package sdbao-content-sems was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191449 Malicious code in @accordproject/markdown-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa9047c76812b92b2e951857e7b8b36154b6662c2483ca7528bfa6af593c69c7 The package @accordproject/markdown-cli was found to contain malicious code. Source: ghsa-malware...
Malicious code in inmaa-map (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14a71a1334fb3a18076752ed1d28b6fa7cc43dc4f4b612d102624e00dcdf53cb The package inmaa-map was found to contain malicious code. Source: ghsa-malware 56eac0e53cd10844280484abbd6456539bce6cd1e970a33a3707d49612ac8a88 Any...
MAL-2025-48589 Malicious code in workflows-enterprise (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b771d1114b155b3dc1b86df3009f418d2291384328cfa8c9f0b0d35e7808b19 Any computer that has this package installed or running should be considered...
Malicious code in orbital-ledger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80af837fad83b84c1ad95565252cbe98fcb96e2080c254227845e40322e14fce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in redirect-thzyis (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb1ca436020478ea4097dedee0cdf233b13e7c6a6a228b80047ae972166d44bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in redirect-04g1my (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ceeff2d660ec118da0bb2760f71c9856220b0a429a44f0c5b750847fb8b557f5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in redirect-3viu68 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 241a41d0003d0cf1fa1c5cc576172322520772e7d459469dcbccf8423132d6f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...