560 matches found
MAL-2026-2937 Malicious code in @tushar-br/file11 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cb3ba78b6061a7a5602ba4712bece6b3b689a0add265fdd05b8e6006ec29f15 The package @tushar-br/file11 was found to contain malicious code. Source: ghsa-malware...
Malicious code in okx-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f537a0896e3975393a32700cc7c402b5b84baade9d30694090e625ef37a8a09 The package okx-data was found to contain malicious code. Source: ghsa-malware 41edc2d01a36c24d285496e1d882419e277f6ac2ded1e21f9d6eb4fd13cada75 Any...
MAL-2026-2645 Malicious code in okassistant (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec259ed5ca779ea9fce921bd547959b69220b3c9d07ed42c550ecfe2adcec217 The package okassistant was found to contain malicious code. Source: ghsa-malware 26810b15d962f827f687002cec240712d5f77f30a5eeef187362661c1dcff114 An...
Malicious code in @dtc-campaign-wizard/campaign-wizard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99f551e16bdd57ec65154ddd0b1ebe5a701abe98d86f25490fb3c36b19e9fa41 The package @dtc-campaign-wizard/campaign-wizard was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2575 Malicious code in @ascend-ops/web-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57ec262f68b9b9bd081ce675c1eb28e56c6c630c03cf1ecb680e5b56035f0aaa The package @ascend-ops/web-client was found to contain malicious code. Source: ghsa-malware...
Malicious code in seaport-core-16 (npm)
Package exfiltrates user info to a remote server via wget in test, preinstall, and preupdate scripts. Very few published versions. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be2cd9e6e61b20566214a0627d5923ec7cbe799e9757d25fd883f46616e5b58b The package...
MAL-2026-2653 Malicious code in pinlogger (npm)
The package is a malware due to system info exfiltration via DNS/HTTPS to OAST domains and arbitrary code execution during preinstall. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e78bb72f47ecca78511d87a17bea5f38fb4897dbc117433dfd7667cd97a51d0 The package...
Malicious code in server-fpti (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90fb70466093bba29ed5b8f62a9734b95ff7011add06482beec9546984f11c3 The package server-fpti was found to contain malicious code. Source: ghsa-malware 59d0d75db844e966a9f5cc0e311ca6f2385abdf95ca0ee2387c23be8342f0fb2 An...
Malicious code in shakti-pwa (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bdac10e664bf4e0a73263401629caf12d2ed80e3cf76f36fa18a7c2d599e5229 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-2073 Malicious code in @airtm/uuid-base32 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5843013e1c89122451c17ec535f73c4e36dc3596c32522dd9b03bbb68637c4f3 The package @airtm/uuid-base32 was found to contain malicious code. Source: ghsa-malware...
Malicious code in @opengov/ppf-backend-types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8323ddb6e5666c3c6e638547538eda9089f97e0e3605f39b2a561d9a436d8fd4 The package @opengov/ppf-backend-types was found to contain malicious code. Source: ghsa-malware...
Malicious code in @emilgroup/account-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0f59f1f2e562d8ef982bd182aa7338ac92a6d5b4b86234568efb7ed5cb09bd7 The package @emilgroup/account-sdk-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in @emilgroup/api-documentation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58c245a310d05383d1fdf2e98691e5ea42d0505bdab8e27120537609d6bb4acd The package @emilgroup/api-documentation was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1974 Malicious code in @fr3newera/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fba6d334ab723d77261982b048c8728dfdd60454bac47a0c23322ac7251e4c8 The package @fr3newera/baileys was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1982 Malicious code in xyztttxyz (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ec60812ab8ac06f92ad0543c7a16f930da49afbc1ca5e10e6cabffe3ffe1ddb The package xyztttxyz was found to contain malicious code. Source: ghsa-malware c7299da569fb2428ffb4bcb1641a07a7879e89460f46405e2257197a6f4fe2a3 Any...
MAL-2026-1963 Malicious code in polymarket-onchain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2766ecc75c1eebb5fc12c56509494d72472b8b2a8a2c0ebdb296bdfbcc06023d The package polymarket-onchain was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1443 Malicious code in es-lint-builder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cb77bc53967094108e0dec0e00ddd13bef1d74b3482d959c28c4fc13753cd49 The package es-lint-builder was found to contain malicious code. Source: ghsa-malware e4f62649e3a09df9cabfd19d23538447b0d8762de9506c23c5b27c4a6882967...
MAL-2026-1369 Malicious code in kinggupong (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e715c2381b97a44dc664b3fbb1faf1977b339bc9cc51ad7722b09e24caa2f63 The package kinggupong was found to contain malicious code. Source: ghsa-malware 47fb80c46fcfaba8da9b01d5f99700a8a98a138ce3936b2ed9393db423d5b718 Any...
Malicious code in react-svg-anchor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e014ccf1aaf52a0f5ad92a977b2fb987b63be3ae7bdf8fa9b5f8813f68040344 The package react-svg-anchor was found to contain malicious code. Source: ghsa-malware d539493dcc209d4d478ffa4a5893cd5cd01ee1d994700b9492b651c8aeb372...
Malicious code in @wgu-edu/wgu-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d26d12da6d55658bcd129c71b6cd484c74498f993ec35f2219f69b6b8018ccee The package @wgu-edu/wgu-icons was found to contain malicious code. Source: ghsa-malware...