1813 matches found
MAL-2026-5168 Malicious code in vg-interaction-model (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aba91a5b2aeb99e94b28109825a7ac069669d39c12c118fd37d9ef70afe63261 The OpenSSF Package Analysis project identified 'vg-interaction-model' @ 40.0.1 npm as malicious. It is considered malicious because: - The...
Malicious code in align_rest_api (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a3b4fd5fe3e581dc76f4fbe187da4427e159ff73a717a99c2f519af87ca7b2c8 The OpenSSF Package Analysis project identified 'alignrestapi' @ 99.99.99 rubygems as malicious. It is considered malicious because: - The packa...
Malicious code in @neon-i18n/core-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dbdc5bd090d8e85771f77fa3a7a113e08fbfb31de54ae399ed92565bdac246df The OpenSSF Package Analysis project identified '@neon-i18n/core-ui' @ 99.99.99 npm as malicious. It is considered malicious because: - The...
Malicious code in editorial-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d7404afc131a113ef01d7eb896439a8719bb0f1b8d67e491d53321fdd5981e97 The OpenSSF Package Analysis project identified 'editorial-code' @ 99.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2026-4830 Malicious code in editorial-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d7404afc131a113ef01d7eb896439a8719bb0f1b8d67e491d53321fdd5981e97 The OpenSSF Package Analysis project identified 'editorial-code' @ 99.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2026-4832 Malicious code in mse-authentication (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a953627a77037de50d82384daca1d98d101c4c09b315ab91fd597a43557fbd99 The OpenSSF Package Analysis project identified 'mse-authentication' @ 99.0.1 npm as malicious. It is considered malicious because: - The packag...
Malicious code in mse-authentication (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a953627a77037de50d82384daca1d98d101c4c09b315ab91fd597a43557fbd99 The OpenSSF Package Analysis project identified 'mse-authentication' @ 99.0.1 npm as malicious. It is considered malicious because: - The packag...
MAL-2026-4831 Malicious code in editorial-mse-authentication-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a97fd474e8661c575287f7cc9fddd0ee1ac95240c13653555ca2b416e895b99a The OpenSSF Package Analysis project identified 'editorial-mse-authentication-ui' @ 99.0.1 npm as malicious. It is considered malicious because:...
Malicious code in @databus-service-ui/ui-event (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b82b3af71dce087a185cffa6f3691ad5a4e4c3d9e35154070ef4ad0dd4f15b10 scripts/postinstall.js performs two install-time attacks against any machine that runs npm install. 1 Credential exfiltration: it iterates process.en...
Malicious code in verify-mycommand (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f94ffb54a2471d0cc94ce1ea88f741e034221a374f17bfadbd609cb22f14f24 On npm install, postinstall.js executes whoami and id, collects host identity hostname, platform, cwd and CI metadata CI, GITHUBREPOSITORY, NODEENV...
MAL-2026-4289 Malicious code in @stockrepublic/republic-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 300b309644b646817c47a283d8b9aaa018e8ae0f59986207f55fd0c39dca872a The package masquerades as an internal @stockrepublic component version 99.0.0, description 'Runs git diff and saves the output to git.log on install...
Malicious code in @stockrepublic/republic-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 300b309644b646817c47a283d8b9aaa018e8ae0f59986207f55fd0c39dca872a The package masquerades as an internal @stockrepublic component version 99.0.0, description 'Runs git diff and saves the output to git.log on install...
MAL-2026-4290 Malicious code in clipboard-guardian (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cf1e5328821dbb36e54a2d796ad934ebe79257f8927e2ba741016c4a0f2c79d This package is a cryptocurrency clipper masquerading as a clipboard-protection tool. Its postinstall script npm-install.cjs writes 30+ hardcoded...
Malicious code in clipboard-guardian (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cf1e5328821dbb36e54a2d796ad934ebe79257f8927e2ba741016c4a0f2c79d This package is a cryptocurrency clipper masquerading as a clipboard-protection tool. Its postinstall script npm-install.cjs writes 30+ hardcoded...
MAL-2026-4274 Malicious code in power-apps (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f68653eed66e7343973bc919788864990337f7645072d32a9d7465d4bf4ff4e7 On npm install, postinstall.js executes whoami, id, and reads os.hostname, os.platform, process.cwd, and CI/GitHub environment variables, then sends...
MAL-2026-4267 Malicious code in @newline53/newline-ts-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 475a7ac4130ef9c168565439f8cac230fce87b1d59bc116caec6c712f3a5dc60 On npm install, the postinstall hook node install.js collects os.hostname and os.userInfo.username along with the package name, encodes them as a DNS...
MAL-2026-4266 Malicious code in discovery-build (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c24a1e59b8c5d3ae1059499825bf47d1abe8d362ddefe264f1a429ed9e7e98cc package.json declares scripts.postinstall=node postinstall.js, which executes unconditionally on npm install. The script collects host identifiers...
Malicious code in discovery-build (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c24a1e59b8c5d3ae1059499825bf47d1abe8d362ddefe264f1a429ed9e7e98cc package.json declares scripts.postinstall=node postinstall.js, which executes unconditionally on npm install. The script collects host identifiers...
Malicious code in @asavie/i18n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d803002ee95ea92bdcb3a918e1be10930816db383ce2a58a6947afea84e04040 @asavie/[email protected] is a dependency-confusion package targeting an unclaimed npm scope. Its package.json declares a preinstall hook that runs node...
MAL-2026-4265 Malicious code in @asavie/i18n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d803002ee95ea92bdcb3a918e1be10930816db383ce2a58a6947afea84e04040 @asavie/[email protected] is a dependency-confusion package targeting an unclaimed npm scope. Its package.json declares a preinstall hook that runs node...