18 matches found
MAL-2025-7836 Malicious code in @epc-infra/cicd-stack (npm)
The package @epc-infra/cicd-stack was found to contain malicious code...
Malicious code in @epc-infra/cognito-stack (npm)
The package @epc-infra/cognito-stack was found to contain malicious code...
Malicious code in @epc-infra/lambda-utils (npm)
The package @epc-infra/lambda-utils was found to contain malicious code...
MAL-2025-7840 Malicious code in @epc-infra/vpc-stack (npm)
The package @epc-infra/vpc-stack was found to contain malicious code...
Malicious Package
Overview @epc-infra/cognito-stack is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Malicious Package
Overview @epc-infra/edge-stack is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Malicious Package
Overview @epc-infra/dynamo-stack is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Malicious Package
Overview @epc-infra/cicd-stack is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
MAL-2022-236 Malicious code in @epc-infra/app-lookup-stack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8bbe84e4aa37a9b2484d307db5f4e3ac6dc202acbd2d528d2949bd1c1ce0e43c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @epc-infra/region-only-policy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03aeca5ad9dc6bebb0249d07c948fc2913ba7b25fdc41cea4a5c78c8bf672958 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-239 Malicious code in @epc-infra/dns-stack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 899932fc30250267552612a2fb30eb0b139b8e3503774b1fddddf95b65f6c618 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-241 Malicious code in @epc-infra/region-only-policy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03aeca5ad9dc6bebb0249d07c948fc2913ba7b25fdc41cea4a5c78c8bf672958 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @epc-infra/stack-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d37356aab514ee977ba45a8e6b7004158d85893c2f6d5544314656f41789348b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-242 Malicious code in @epc-infra/stack-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d37356aab514ee977ba45a8e6b7004158d85893c2f6d5544314656f41789348b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @epc-infra/dynamo-stack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d45f7863b32e8818b117c91b3f213e270acfa8104a223f2ad0ede0cfadf83e53 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @epc-infra/dns-stack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 899932fc30250267552612a2fb30eb0b139b8e3503774b1fddddf95b65f6c618 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @epc-infra/clinstestpackage (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9960278b8fe842784b23bfe1b25691881cd6b765f159735025d6709ad0ef8dd4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @epc-infra/users-stack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf73169208787ddafa275f2837c6596a96541a2c4b1526a4cdd468678bfa4e47 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...