Malicious code in @shennmine/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04f4d27219071c7adbcedd56c54f0ca559b3d3651e6203b38d5170bb0e239f66 The package @shennmine/libsignal-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2168 Malicious code in chai-patch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b7a1b00f9cf8ff93aebfbb318e0f4da8d56a985a1eca3c305142e708dc6fc55 The package chai-patch was found to contain malicious code. Source: ghsa-malware a5b659f5744d677c50cb63bc98f750071b3db390e25b81a553debdff48ffac6a Any...

Malicious code in chai-patch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b7a1b00f9cf8ff93aebfbb318e0f4da8d56a985a1eca3c305142e708dc6fc55 The package chai-patch was found to contain malicious code. Source: ghsa-malware a5b659f5744d677c50cb63bc98f750071b3db390e25b81a553debdff48ffac6a Any...

Malicious code in @rexxtheproject/elaina-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35f9ef0d26d553f66ecfe3fb2813906a4a457ec3918fb5c0508441f3e13d3fa4 The package @rexxtheproject/elaina-baileys was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2156 Malicious code in tailwind-animationbasis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 613bfa904c0195c7d59209123554b2be83ed4a0568c174e8b221e22725fec103 The package tailwind-animationbasis was found to contain malicious code. Source: ghsa-malware...

Malicious code in sbx-mask (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199f83840bd0dfd9d9e7295134e439e8adec273f9be8477d0ff68b6ec8c491d1 The package sbx-mask was found to contain malicious code. Source: ghsa-malware d04d541813f3f1e2bd2d1c509c5ea3463d64caf433617ab3398e118171f2cc65 Any...

MAL-2026-2132 Malicious code in sbx-mask (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199f83840bd0dfd9d9e7295134e439e8adec273f9be8477d0ff68b6ec8c491d1 The package sbx-mask was found to contain malicious code. Source: ghsa-malware d04d541813f3f1e2bd2d1c509c5ea3463d64caf433617ab3398e118171f2cc65 Any...

Insyde BIOS SMM Memory Corruption Security Update

A potential security vulnerability has been identified in certain HP PC products using Insyde BIOS InsydeH20 UEFI Firmware, which might allow arbitrary code execution. Insyde has released mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs...

MAL-2026-2101 Malicious code in sidebar-basket (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abd1b121a57bf0b4d96e4f902f6d051ff5b485ab7fc412f8940ce2c294ddb660 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in puzzle-render-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c63be86e7f93cd0f5f6663aa57978a4c6ff6b497ef1aafcddcdbea71e25fa02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-2103 Malicious code in ty-config-provider (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6fdfad9d372aeb95a258e5f5c732b57d1d226d7101ccf09a33cd3eb93ab45d59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-2077 Malicious code in @emilgroup/public-api-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd16e6bb382d147e1c65b35af9d28a9c8b96c40f440b3a45b14e160a77beb1ba The package @emilgroup/public-api-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2064 Malicious code in @opengov/ppf-backend-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8323ddb6e5666c3c6e638547538eda9089f97e0e3605f39b2a561d9a436d8fd4 The package @opengov/ppf-backend-types was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2046 Malicious code in @emilgroup/document-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a0db55538f4afebec1f08f4cff1689eb866b7d256eeeabebcd2c52862ec3fe7 The package @emilgroup/document-sdk was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/payment-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83fcb6922c65850eff14baf7a463c2b14b358ffebdc5a15c312ec7328a142407 The package @emilgroup/payment-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2045 Malicious code in @emilgroup/customer-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ffdd49f845d5d16e6b17778217c493abdb71d809aa288b93b59e69582119c91 The package @emilgroup/customer-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in eslint-config-ppf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cc85236d3cad46c2333a3252ffd8e3b96ae35f96a4ea2a4cb801d17c4e07390 The package eslint-config-ppf was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2072 Malicious code in react-leaflet-heatmap-layer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2352243757a42dafc23c429819f6693b8f9a56799589414bbb527f35b1f7ed35 The package react-leaflet-heatmap-layer was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1977 Malicious code in json-bundling (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61f19cbc17dc9182ab2266b7b505dedb74da2b797aa6661669f53efd1b86777a The package json-bundling was found to contain malicious code. Source: ghsa-malware debc855dc41e080d6afbfd087c2a01d8d9e5fac885734e59fb2e1adb870d6198...

MAL-2026-1944 Malicious code in couplus-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0c78a6293dc26a858801e92b94142c0fb6ab09c558b39900095be8a8aef9a52 The package couplus-cli was found to contain malicious code. Source: ghsa-malware 469c68fc4282e268dbe121670070e4a148ec18adaad72317ca06de47eed59217 An...