3436 matches found
Malicious code in atlassian-marathon-asset-pipeline (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d32d9c71cf7460230bdc7da7e9c9cddc9618a5ca53a66adde25fb5a3e588418 The package atlassian-marathon-asset-pipeline was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3792 Malicious code in marathon-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cdc9efb8f4187062e02260f2126eda85583ad4d7e274c7f3c5d72b900e3eff3 The package marathon-assets was found to contain malicious code. Source: ghsa-malware 79835a80726adeabd12385031ae8c8a34d577b780fce22a9eb86304161ab2aa...
Malicious code in marathon-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cdc9efb8f4187062e02260f2126eda85583ad4d7e274c7f3c5d72b900e3eff3 The package marathon-assets was found to contain malicious code. Source: ghsa-malware 79835a80726adeabd12385031ae8c8a34d577b780fce22a9eb86304161ab2aa...
Malicious code in jenkins-for-jira (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8cad9f892c0d9dc4daa1424ece0fdaaeb28938252726be668e5880537046533 The package jenkins-for-jira was found to contain malicious code. Source: ghsa-malware 1f7a28558fe9fa734ff5ef86a48965f24b37790a53a4ec35ca344e548d3818...
Malicious code in atlassian-jenkins-helper-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 526951af835c5c23fe1c8c7b4d5180e324baeae2de710b4a3d862c2e372da4af The package atlassian-jenkins-helper-utils was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3783 Malicious code in babel-6-compatibility (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8087b9d84c49b5f44fe119e347d1fe658395eb8af859209bcf8884716692229d The package babel-6-compatibility was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3780 Malicious code in aliyun-internal-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ad3b492d9e89c081c72b95aba3aa4fd0c436a8f5050c7538e57dec619af2258 The package aliyun-internal-config was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3731 Malicious code in mrgn-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16fe2927853a543269a7eb66273bfea477dd040bc2e90f40d9b3642e9d138f5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sol-coverage (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6ac3d8c51b3f87a97b7b9724145b73d894fc4027da14122aea3eb6d51bfb671 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3728 Malicious code in hardhat-core-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1b62021752710dce40c5fa0491b2c8e75454d25ee7e80bd15e3b5a99ace923ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in foundry-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 650bf2f76e5aa2fc3b175c4b582ce3c3ee8b9ac6fe433ed925f6e521c619c60b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3658 Malicious code in load-bufferjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04d9f5ba202651d252a375411cf609db6f9a7ae83f164f6f2e66559a6dff5b92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Fake Claude search results lure Mac users into ClickFix attack
Researchers found that cybercriminals are using sponsored search results and shared Claude chats to lure victims into a typical ClickFix attack to install malware on macOS devices. ClickFix is a social engineering method that tricks users into infecting their own device with malware. Users are...
Malicious code in @uipath/agent-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67d0350668580724b1a764da5a9904350fcf8127bed8144c82a4cf966517b1ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3522 Malicious code in @uipath/access-policy-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87fb4a7ca8257b97a21e311c9322a63b2691136e87c6a8ce12cc648890849f76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3518 Malicious code in @tallyui/database (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d7af140ba49fc46f93bc668a317637f07fe952aa72fa5aaa3c3f16939d221ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @supersurkhet/sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dca9eab30c0c493a8981f3457e80b67d82738a2a23c3e4273d09885737a2306c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3503 Malicious code in git-branch-selector (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dab170d586455af0816362e715de0907ddaa19adb87c68ef59255139322dde69 The package git-branch-selector was found to contain malicious code. Source: ghsa-malware...
Malicious code in git-git-git (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aee29b689edc0620e25183b269a2b0f9bb0a0e84e74f19d7c876e46712720e72 The package git-git-git was found to contain malicious code. Source: ghsa-malware fa5e0d5e3dc2a5a2cf5a7219b747a751510b5e030e512f041e52851fe28cbe34 An...
Malicious code in @squawk/geo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b40cdbd9c6b1d4f4cfb2769aa09dc2a6c1375426de1eaa166de681740f556cd4 The package @squawk/geo was found to contain malicious code. Source: ghsa-malware ff0e460885b141aab0b22a38b446936439b76287160c78aaad30d7ad4ab22ed9 An...