1845 matches found
Malicious code in @breezeai-frontend/i18n-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6ac9fdcbcce08cc6f8e7c4cef2e5fee0a6d39a79341be57b71f5bb219743e05 The package @breezeai-frontend/i18n-config was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3293 Malicious code in @breezeai-frontend/i18n-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6ac9fdcbcce08cc6f8e7c4cef2e5fee0a6d39a79341be57b71f5bb219743e05 The package @breezeai-frontend/i18n-config was found to contain malicious code. Source: ghsa-malware...
Malicious code in apcyber-test-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4386e2b20fb74fe5b131a23550b9550b4539a3f79056ea8ad08f502453409737 The package apcyber-test-package was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3290 Malicious code in @allyfinancial/allyfinancial-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 274ff2ac2c7d1051fa268e63d390bb70d6b731bcdaebb94f87251067b62d37af The package @allyfinancial/allyfinancial-api was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3302 Malicious code in ally-starter-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac9875cbfe312bac49b96d321664e13d98ff6214d38db1d0b3339500a83204cc The package ally-starter-api was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in ally-starter-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac9875cbfe312bac49b96d321664e13d98ff6214d38db1d0b3339500a83204cc The package ally-starter-api was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in ally-forms (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a3b62d3c11f608087ea0651eb467ec7e0c9e43258abb6df889f64c8d1a6eb61 The package ally-forms was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in ally-badges (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 628f679ca3d11168a5d0e0930680b72c113158a013369f538a273ce91cb5e5a6 The package ally-badges was found to contain malicious code. Source: ghsa-malware 9c052706f47011272c0f6a24723dc146f15603ac21d81708fa2b91678889df60 An...
MAL-2026-3234 Malicious code in apexpro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80f8783908329ceda250d21f3d9d39a117f80f8ca55c400c72065449d2a0bc1c The package apexpro was found to contain malicious code. Source: ghsa-malware fb2932c368cbb684114a08865c171d8af11aa8af3738e7d156f5692beccd48d5 Any...
Malicious code in apexpro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80f8783908329ceda250d21f3d9d39a117f80f8ca55c400c72065449d2a0bc1c The package apexpro was found to contain malicious code. Source: ghsa-malware fb2932c368cbb684114a08865c171d8af11aa8af3738e7d156f5692beccd48d5 Any...
Malicious code in codewhisperer-streaming (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f51029062b1172921ad99025d73d75bbf937d2d4c3b111ab8a4d09db2ef91caf The package codewhisperer-streaming was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in path-addon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba1a7df799b6bd11bd036f1cfb1de6b1dfe0e4e72082be1b8a60537a59e5ae58 path-addon impersonates the Node.js core path module package name path-addon, README claims to be 'an exact copy of the NodeJS path module'. The body...
MAL-2026-3202 Malicious code in eslint-plugin-skyscanner-dates (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fa3152c92c23ebec42990f14c77642de971e5a5464b0e7c25ecdea012ac81e4 The package eslint-plugin-skyscanner-dates was found to contain malicious code. Source: ghsa-malware...
Malicious code in sirens-lament (npm)
Four pirate-themed npm packages blackbeards-navigator, beusy, sirens-lament, gunpowder-ghost were published by the npm account beusy with heavily inflated version numbers 209.0.0–210.0.0, a hallmark of dependency confusion attacks. Each package contains identical malicious lifecycle scripts...
Malicious code in ac-sasskit-beta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f511f3bd2772e3721f69519323ae4557eb447a809eef469c46a1c500fe96c1c0 The package ac-sasskit-beta was found to contain malicious code. Source: ghsa-malware 1873c549998c97b796fea0e8381c73ed62d3517f9eac35919b3225ad2a2f454...
Malicious code in apple-appstore-full-library-utility (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c81abc0b0ca85dceebddbddb78e6e2d6d05f87331f11b9a1190ad29d10adb4a The package apple-appstore-full-library-utility was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3140 Malicious code in fivem-monitor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46a604a0acf84f672e7a3235e103f365f9d9f704c96faa12dcb5b9b0a9806004 The package fivem-monitor was found to contain malicious code. Source: ghsa-malware bea91e9a2c853e88f029684fb53cecc15f1960b1ccafb583b1da52a754f9ee4d...
MAL-2026-3129 Malicious code in supertag (crates.io)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8af13a06fb931a42d83e13b19fd998ff62e59ef3d56302bfe9d257e07e2bad46 The OpenSSF Package Analysis project identified 'supertag' @ 99.1.1 crates.io as malicious. It is considered malicious because: - The package...
MAL-2026-3126 Malicious code in lsh (crates.io)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8cd6cecd3051e3998c5f96ec8dbe1bcfffc1ed7133d394a1779c8c1b0252c8c0 The OpenSSF Package Analysis project identified 'lsh' @ 99.0.1 crates.io as malicious. It is considered malicious because: - The package...
Malicious code in lsh (crates.io)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8cd6cecd3051e3998c5f96ec8dbe1bcfffc1ed7133d394a1779c8c1b0252c8c0 The OpenSSF Package Analysis project identified 'lsh' @ 99.0.1 crates.io as malicious. It is considered malicious because: - The package...