49 matches found
Malicious Package
Overview ecto-spirit-win-k4n8 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in ecto-win-flag-q2m7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6344042aff547b32cf30bc456be25e1229f921217ec0d6777f470174df10792 On npm install, postinstall.js executes a harvest-and-exfiltrate chain against the installer's machine. It reads files under /app, /root, and...
Malicious code in ecto-spirit-win-k4n8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bca2b14b2c93ed832aa83a138c20bc53b4e053cf282ef5878333b1f50b803e55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview ecto-flag-read-m7p2 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview ecto-corsair-whisper-6f3b9 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in ecto-nightly-spirit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5dea0702101217f4a918a23191023bbd9e7d3b5478028bb0868341a574526e97 On npm install, postinstall.js executes unconditionally and performs three installer-harming actions. 1 It enumerates every key/value pair in...
Malicious Package
Overview ecto-rust-read-f3a9c1 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-5692 Malicious code in ecto-win-flag-q2m7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6344042aff547b32cf30bc456be25e1229f921217ec0d6777f470174df10792 On npm install, postinstall.js executes a harvest-and-exfiltrate chain against the installer's machine. It reads files under /app, /root, and...
MAL-2026-5688 Malicious code in ecto-nightly-spirit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5dea0702101217f4a918a23191023bbd9e7d3b5478028bb0868341a574526e97 On npm install, postinstall.js executes unconditionally and performs three installer-harming actions. 1 It enumerates every key/value pair in...
Malicious code in ecto-corsair-flag-x9m4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd1e74d04f91a92c7c0205e252bc0002095d0c1ce9b9e9390083d267422e8b10 On npm install, postinstall.js executes attacker logic gated by hostname and working-directory checks designed to fire only inside CTF-style containe...
Malicious Package
Overview ecto-spectral-leak-8d4e2 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview ecto-win-flag-q2m7 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview ecto-nightly-spirit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview ecto-corsair-flag-x9m4 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
Malicious code in ecto-spectral-leak-8d4e2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed80e7979c97935537c82692c1be6aa9fa4880f76b412057e9d8ed7d66af999f On npm install, postinstall.js executes shell commands that enumerate AWS Secrets Manager across regions aws secretsmanager list-secrets followed by...
MAL-2026-5689 Malicious code in ecto-rust-read-f3a9c1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e73d10b993d9601d0dfe78d143a550ed008b8233beb8b88b7443208e4d0fa89d On install, postinstall.js evaluates a targeting heuristic isRealTarget that fires only when the build environment looks like a real corporate...
MAL-2026-5687 Malicious code in ecto-flag-read-m7p2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47c876fa0bc683b97fe06619068fb4b205e5813e95917d8cd6d9df7a732b1499 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5691 Malicious code in ecto-spirit-win-k4n8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bca2b14b2c93ed832aa83a138c20bc53b4e053cf282ef5878333b1f50b803e55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ecto-flag-read-m7p2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47c876fa0bc683b97fe06619068fb4b205e5813e95917d8cd6d9df7a732b1499 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5686 Malicious code in ecto-corsair-flag-x9m4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd1e74d04f91a92c7c0205e252bc0002095d0c1ce9b9e9390083d267422e8b10 On npm install, postinstall.js executes attacker logic gated by hostname and working-directory checks designed to fire only inside CTF-style containe...