3029 matches found
Malicious code in slds-lsp-client (npm)
The slds-lsp-client package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Salesforce SLD...
Malicious code in salesforce-vscode-slds (npm)
The salesforce-vscode-slds package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a...
Malicious code in chat-adapter-zoom (npm)
The chat-adapter-zoom package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a Zoom...
Malicious code in fury_frontend-andes-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29bea4f118854efa6568545722d7210a76e06e64cad4036e0cc0b45c45aafe37 The package's postinstall hook auto-executes index.js on npm install. The script collects the installer's OS username os.userInfo, current working...
Malicious code in @luminarycloudinternal/lcvis-st (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce8dffb72c9f767cbd071bf482fce9acb1ff2283a4800b7862739348b7a89e24 Package @luminarycloudinternal/[email protected] is published to the public npm registry under an internal-looking scope with an artificially high...
Malicious code in higherlogic-ocfe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f73e9c228fc5188d602b213f2c6e7f88d6acbb4a9381667b7c33e4cb825aedf2 Package [email protected] is a dependency-confusion lure targeting the Higher Logic vendor namespace. The published index.js is an empty...
Malicious code in ag-charts-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29c50b5a47dde18daf83760926662df3b9890de074cc00938de04892ac79a4d9 [email protected] is a hollow package empty index.js, no scripts, no documented functionality whose sole effect on installers is resolving its...
Malicious code in visa-cli-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0e8f566e285de1eec2c3cae07b0faaa8828080a4e1fed7e76e1fe43dfa571ec Package presents as an internal-looking corporate tooling name 'visa-cli-tools' published at an inflated version 99.9.1 — the canonical...
Malicious code in @luminarycloudinternal/frodo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58ed68e675b2b6cde30e6b7c8e34077eda805a4bde64ca7cd2c68c6f4370ee5f Package published under a scope shadowing internal Luminary Cloud packages @luminarycloudinternal at version 9999.0.1 — the canonical...
Malicious code in paysafe-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12ef2b75345902c9fe851d85e09c4b6680a3685669ab4dcd8b827ebaebb46626 Package metadata claims to be the 'Official Paysafe SDK for Python' by 'Paysafe Developer Team', but the shipped module is a stealer disguised as a...
MAL-2026-6929 Malicious code in paysafe-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ae864f77805fa7e1facccf45d1af67d37603c5a085f55d733d9d3eb8cf4d26c8 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
Malicious code in paysafe-payments (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e2b7f287703755dab866acf1047a148e321d06a84353238936eaba58b6e7fda Package impersonates the Paysafe payments SDK metadata claims 'Paysafe Developer Team', 'Paysafe Payments processing library' but its advertised...
MAL-2026-6928 Malicious code in paysafe-payments (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cc8e13806589e7fbb3dbe284624b88d6de8c030f32c04c20f8c76af059f33515 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
Malicious code in paysafe-kyc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c619e500f8070a5525694f42547c0b73e8189965f8816f1a124190f50bed6f5 The paysafe-kyc package impersonates a legitimate Paysafe KYC/payments SDK author string 'Paysafe Developer Team', base URL https://api.paysafe.com,...
MAL-2026-6927 Malicious code in paysafe-kyc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7089650efc5360b819e8831801bcedf6489945f5b563729e99f036461bd59092 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
Malicious code in paysafe-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d9cc9039ffa3e8cadc8a24b0ccd83bcc8eca2fe88e25f35b2022cc1957220fb paysafe-api impersonates the Paysafe payments provider package name, description, author 'Paysafe Developer Team', and use of api.paysafe.com /...
MAL-2026-6926 Malicious code in paysafe-api (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 caf46df1f47845e37bbc00d4e8f160dcf057b67aee189c7e7919f32d662f2915 When using a provided class, the code exfiltrates basic data and parts of sensitive env variables to a remote host. --- Category: MALICIOUS - The campaign has...
Malicious code in @deathpoolxrs/dependency-confusion-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074dc1352aecc512f6de67bd23de8f920559302127e1d6da86a9001a499c6adf The package was found to contain malicious code or consuming dependency that contains malicious code...
Malicious code in enbd-react-error-boundry (npm)
The enbd-react-error-boundry package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization an 'enb...
Malicious code in box-react-uix (npm)
The box-react-uix package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a 'box' internal...