568 matches found
MAL-2026-3797 Malicious code in dowload_ebok_stalking_jack_the_ripper_by_kerri_maniscalco_james_patterson_b529t (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1486e8a5f17dfc7a56252ff489f714a2ab7a0befd20da59b43d93d31f8587149 The package dowloadebokstalkingjacktheripperbykerrimaniscalcojamespattersonb529t was found to contain malicious code. Source: ghsa-malware...
Malicious code in @beproduct/nestjs-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eead7b1c6446924fec345e042b8bd966ea184deae755f876326cf99040f5f107 The package @beproduct/nestjs-auth was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3505 Malicious code in ts-dna (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90ca06cbc068262aa930c182a5904cba8d5748f32663b648a0b78a183f4fe219 The package ts-dna was found to contain malicious code. Source: ghsa-malware a5660e49e1a2b3661bdf6ce230d7f75889675d5690086f7da2a2a04391dd13a5 Any...
Malicious code in deployment-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a1345a90cd18e2bfa245f91057cca34707e7d325f4318263176d9fbcef25c1a The package deployment-core was found to contain malicious code. Source: ghsa-malware eca5b6ddf4f0df1086d272518f3383c140b5641ecf506100d93a352e2135441...
MAL-2026-3283 Malicious code in temhe-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c9e5d48f36a9f7f2fd80c126d14811be70cc210a382e9edc85d3bc1c4c62968 The package temhe-dev was found to contain malicious code. Source: ghsa-malware 117ca92e4f6c30bab5d2538e054b527cadbd72387d055860a3baf428e279c116 Any...
MAL-2026-3265 Malicious code in @bcs-bank/common-constants (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9c84c16934aaaeda86ed317c33795f796252ac98aaf9f39208575837332b372 The package @bcs-bank/common-constants was found to contain malicious code. Source: ghsa-malware...
Malicious code in internal-sys-audit-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24fa7464d076e1807141a149346864e59a44c3b8e2731c02e05c9d93d0dcf487 The package internal-sys-audit-check was found to contain malicious code. Source: ghsa-malware...
Malicious code in tailwind-text-fill (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe1d70f1253bacbb57d827b49a08cede06a039323a86af19cebaa08cefe2cbdd The package tailwind-text-fill was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2937 Malicious code in @tushar-br/file11 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cb3ba78b6061a7a5602ba4712bece6b3b689a0add265fdd05b8e6006ec29f15 The package @tushar-br/file11 was found to contain malicious code. Source: ghsa-malware...
Malicious code in okx-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f537a0896e3975393a32700cc7c402b5b84baade9d30694090e625ef37a8a09 The package okx-data was found to contain malicious code. Source: ghsa-malware 41edc2d01a36c24d285496e1d882419e277f6ac2ded1e21f9d6eb4fd13cada75 Any...
MAL-2026-2645 Malicious code in okassistant (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec259ed5ca779ea9fce921bd547959b69220b3c9d07ed42c550ecfe2adcec217 The package okassistant was found to contain malicious code. Source: ghsa-malware 26810b15d962f827f687002cec240712d5f77f30a5eeef187362661c1dcff114 An...
Malicious code in @dtc-campaign-wizard/campaign-wizard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99f551e16bdd57ec65154ddd0b1ebe5a701abe98d86f25490fb3c36b19e9fa41 The package @dtc-campaign-wizard/campaign-wizard was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2575 Malicious code in @ascend-ops/web-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57ec262f68b9b9bd081ce675c1eb28e56c6c630c03cf1ecb680e5b56035f0aaa The package @ascend-ops/web-client was found to contain malicious code. Source: ghsa-malware...
Malicious code in seaport-core-16 (npm)
Package exfiltrates user info to a remote server via wget in test, preinstall, and preupdate scripts. Very few published versions. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be2cd9e6e61b20566214a0627d5923ec7cbe799e9757d25fd883f46616e5b58b The package...
MAL-2026-2653 Malicious code in pinlogger (npm)
The package is a malware due to system info exfiltration via DNS/HTTPS to OAST domains and arbitrary code execution during preinstall. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e78bb72f47ecca78511d87a17bea5f38fb4897dbc117433dfd7667cd97a51d0 The package...
Malicious code in server-fpti (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90fb70466093bba29ed5b8f62a9734b95ff7011add06482beec9546984f11c3 The package server-fpti was found to contain malicious code. Source: ghsa-malware 59d0d75db844e966a9f5cc0e311ca6f2385abdf95ca0ee2387c23be8342f0fb2 An...
Malicious code in shakti-pwa (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bdac10e664bf4e0a73263401629caf12d2ed80e3cf76f36fa18a7c2d599e5229 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-2073 Malicious code in @airtm/uuid-base32 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5843013e1c89122451c17ec535f73c4e36dc3596c32522dd9b03bbb68637c4f3 The package @airtm/uuid-base32 was found to contain malicious code. Source: ghsa-malware...
Malicious code in @opengov/ppf-backend-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8323ddb6e5666c3c6e638547538eda9089f97e0e3605f39b2a561d9a436d8fd4 The package @opengov/ppf-backend-types was found to contain malicious code. Source: ghsa-malware...
Malicious code in @emilgroup/account-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0f59f1f2e562d8ef982bd182aa7338ac92a6d5b4b86234568efb7ed5cb09bd7 The package @emilgroup/account-sdk-node was found to contain malicious code. Source: ghsa-malware...