3 matches found
Malicious code in @doaction/eventemitter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 865100529f6c19b1eff05a47c96abd2d4eb5dba0d4fc0af838c307c816072a20 The package is a thin shim. package.json declares preinstall: node scripts/postinstall.js, which requires @doaction/shared/bin/preinstall.js — meanin...
Malicious Package
Overview @doaction/eventemitter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
MAL-2026-5370 Malicious code in @doaction/eventemitter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5221b351f74900764906fd20a62e5c3f390473ed87a1d4fb781e34d3ffd2f623 On npm install, package.json declares "preinstall": "node scripts/postinstall.js", and scripts/preinstall.js unconditionally executes...