108 matches found
MAL-2026-3710 Malicious code in ethers-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f43ab2ac9caeed4f5dd0895f4da7d3a646038768f5d0024f443bb527fd1ad95 The OpenSSF Package Analysis project identified 'ethers-logger' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in ethers-io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 098acd1dccfed8bcaea9f56206745eef7c9e4cd368599ba23f762a84c86bbc14 The package's package.json declares a postinstall script that base64-decodes a hidden URL http://8.217.75.147:3000/payload and pipes the HTTP respons...
MAL-2026-3708 Malicious code in ethers-io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 098acd1dccfed8bcaea9f56206745eef7c9e4cd368599ba23f762a84c86bbc14 The package's package.json declares a postinstall script that base64-decodes a hidden URL http://8.217.75.147:3000/payload and pipes the HTTP respons...
Malicious code in ethers-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7b953533124edcc31e4293ed6bffe010e9110d795f812ba432de8b81d4d558 package.json declares a postinstall hook that base64-decodes the URL http://8.217.75.147:3000/payload, fetches it via curl over plain HTTP, and pipes...
MAL-2026-3707 Malicious code in ethers-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7b953533124edcc31e4293ed6bffe010e9110d795f812ba432de8b81d4d558 package.json declares a postinstall hook that base64-decodes the URL http://8.217.75.147:3000/payload, fetches it via curl over plain HTTP, and pipes...
`tracing-ethers` was removed from crates.io due to malicious code
The tracing-ethers crate attempted to exfiltrate ssh keys to an app hosted on vercel.app The malicious crate had 9 version published on 2026-03-09 approximately 5 days before removal and had no evidence of actual downloads. There were no crates depending on this crate on crates.io. Thanks to the...
RUSTSEC-2026-0040 `tracing-ethers` was removed from crates.io due to malicious code
The tracing-ethers crate attempted to exfiltrate ssh keys to an app hosted on vercel.app The malicious crate had 9 version published on 2026-03-09 approximately 5 days before removal and had no evidence of actual downloads. There were no crates depending on this crate on crates.io. Thanks to the...
Malicious code in ethers-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 315365a10d9e3322792c18bdb8c5a8e620bbcc2a9ad8d5a1d5ef139ef6e47777 The package ethers-lint was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-773 Malicious code in ethers-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 315365a10d9e3322792c18bdb8c5a8e620bbcc2a9ad8d5a1d5ef139ef6e47777 The package ethers-lint was found to contain malicious code. Source: ossf-package-analysis...
Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows
Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that's targeting Windows users. Active since mid-2025, the threat is designed to execute arbitrary JavaScript code retrieved from a command-and-control C2 server, Kaspersky researcher Lisandro Ubiedo said in an...
Malicious code in ethers-5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8842d229aa4e9c24c85ce8a9be99c6690dbf62bef2bdf2ef716865c8a44adda3 The package ethers-5 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-49312 Malicious code in ethers-5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8842d229aa4e9c24c85ce8a9be99c6690dbf62bef2bdf2ef716865c8a44adda3 The package ethers-5 was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-33654
Malicious code in web3j-io-ethers npm...
Malicious code in web3j-io-ethers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware adbbd3bde158787db574505a858f13ea34575b68e5b097210afebd82fd57aa73 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-33655
Malicious code in web3-io-ethers npm...
Malicious code in web3-io-ethers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd381fcab62a4bb995de676e8d28ac7ce56d03bbe312d71965ff538360604c25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48240 Malicious code in web3j-io-ethers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware adbbd3bde158787db574505a858f13ea34575b68e5b097210afebd82fd57aa73 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48239 Malicious code in web3-io-ethers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd381fcab62a4bb995de676e8d28ac7ce56d03bbe312d71965ff538360604c25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @flashbotts/ethers-provider-bundle (npm)
The package @flashbotts/ethers-provider-bundle was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88980ba81c782cffc6fd3ec8404e5c34d79fe5ae04b08f979135e503c9b01c4f Any computer that has this package installed or running should be...
Malicious Package
Overview sdk-ethers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...