62 matches found
MAL-2026-3337 Malicious code in @t-in-one/save_application_hid_to_storage (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...
MAL-2026-3017 Malicious code in react-spa-npm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43b35510ff33bc6f887152176f91fb63f2a336c8822c151ac6039ccced83c96b The package react-spa-npm was found to contain malicious code. Source: ghsa-malware c9044f471d6c131db0da2c97994b81cd8d2680486695f42dec152b2b23f5e0be...
Malicious code in exprrrress (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3605883655f4870250aaab1c630151c6264e54521d1a711a088871de1fe5ea5 The package exprrrress was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2235 Malicious code in srcsrctest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a44b46855732b5a5522c0a1ea3ef88d5977daad1bfa5c39b42e0324e52fcf6f8 The package srcsrctest was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2025 Malicious code in remitly-blog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dc307937a69a928785741aaf42f1e0e6ddea72dd3d7f7919c4ca4864d9835b4 The package remitly-blog was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2007 Malicious code in uniswap-info (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4b0c2ab6814aa67c139dffb11add8c0013caa86df1cffd6c9e1c0de09bd395c The package uniswap-info was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1378 Malicious code in f0-service-address-doctor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fb126414f1575e7289915e4edd746dbac3d039a0a433f5069309acc281e7892 The package f0-service-address-doctor was found to contain malicious code. Source: ghsa-malware...
Malicious code in adroit-websdk-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2635788b71e7d2d9a220ca0717bb46d6704bb205393b2f479105c20d9f94735e The package adroit-websdk-server was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in tripica-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2094e4c510f7d9f01acaf3dcdb4e2fda46afbe56f235d8168d81bcb984e52fc3 The package tripica-library was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-168 Malicious code in @zuora-marketing/linting (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddcfd1151af868e694a4a79307ce1284331ad88b8ff631651f3fd2c47fbf342a The package @zuora-marketing/linting was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-163 Malicious code in do-not-install-this-package-002 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dc0f1ed2645f37e4b8df59ccca64288a02f6cc07009489c54565dfc5b0089f19 During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...
Malicious code in ing-feat-ui-image (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14224c001e46452a2945aa0f8597214b5f82350c3aeddc53076f9759ce948e18 The package ing-feat-ui-image was found to contain malicious code. Source: ghsa-malware...
Malicious code in elf-stats-ginger-wreath-646 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0736ed9611847ba4c5416cd0bd8ba33bae114769eec8947e7d58c85c3ce100c1 The package elf-stats-ginger-wreath-646 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-49306 Malicious code in sechub-openapi-ts-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbfa8eb5cccd4e8e722c4df1147efab7d4c4084b31710e417b10b87bf1d63267 The package sechub-openapi-ts-client was found to contain malicious code. Source: ghsa-malware...
MAL-2025-48528 Malicious code in canary-ng (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 74897d1cb26c40f57347ed1208575b63c7c1feb3a92ea2bef8bc84db2700bd8a The OpenSSF Package Analysis project identified 'canary-ng' @ 1337.1.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-48458 Malicious code in src_plugin_index_ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 396cc58d08775057aef35e59ad51a28c7379449f6f00332d193138ff8b9de09a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in rsi-configuration-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9a9a3e53f5018108f5ce8abbccd7313ccac30e61c7985e5d7d90291c30299957 The OpenSSF Package Analysis project identified 'rsi-configuration-module' @ 1.1.2 npm as malicious. It is considered malicious because: - The...
MAL-2025-46934 Malicious code in monolith-twirp-odometer-core (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 559151bc8f149e686c1483fbc9ed476a900c5109a87ed60f413125cf9d178db7 The OpenSSF Package Analysis project identified 'monolith-twirp-odometer-core' @ 1.0.19 rubygems as malicious. It is considered malicious becaus...
MAL-2025-46922 Malicious code in spamurai-dev-kit (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6809fd87c593e76bcb0bd4a719cab9e51e2d3b617f9a172d0a8a2f68a09474e7 The OpenSSF Package Analysis project identified 'spamurai-dev-kit' @ 3.0.1 rubygems as malicious. It is considered malicious because: - The...
MAL-2025-41313 Malicious code in oracle-agent (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d9d5212e69633af1e55a9b35fa8e007e2b50c2905c3549e44f047e8ab061e157 The OpenSSF Package Analysis project identified 'oracle-agent' @ 99.0...