2036 matches found
MAL-2026-3108 Malicious code in @activation_code/success (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d00bacff8cfa3ae8a22cfb51c4be0ad025ce42bc29929c07a7eaad6be36c702c The package @activationcode/success was found to contain malicious code. Source: ghsa-malware...
Malicious code in @apple-pay-trust/cancelled (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0c6d2bdfddde00dc6bb5663ffb7fd381c2e392a8c65d6a8890b400c219c160d The package @apple-pay-trust/cancelled was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3112 Malicious code in @apple-pay-trust/cancelled (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0c6d2bdfddde00dc6bb5663ffb7fd381c2e392a8c65d6a8890b400c219c160d The package @apple-pay-trust/cancelled was found to contain malicious code. Source: ghsa-malware...
Malicious code in @apiary-annex/meta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beaea0c4666896c82c0b26b3e24708dbf4e2f28425735b67b5e723802337d51e The package @apiary-annex/meta was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3109 Malicious code in @apiary-annex/meta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beaea0c4666896c82c0b26b3e24708dbf4e2f28425735b67b5e723802337d51e The package @apiary-annex/meta was found to contain malicious code. Source: ghsa-malware...
Malicious code in @activation_code/activate (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 051c685a7704a23fd8a744185c9b8551c7acda63ebf95feabd3ca4b9e1f8ede6 The package @activationcode/activate was found to contain malicious code. Source: ghsa-malware...
Malicious code in @activation_code/error (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fec73b17468bf333bb1bf6a071209103b774e371dfbf9961ad522dbd006fff7d The package @activationcode/error was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3114 Malicious code in @apple-pay-trust/finish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9abd2d210c4a5df0e95f326e80b2e6618647c03ba4158e1d6ffbd36d9f7b800a The package @apple-pay-trust/finish was found to contain malicious code. Source: ghsa-malware...
Malicious code in apple-internal-dev-check (npm)
Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...
Malicious code in bytedmlp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 747ac5ba3db3b0d1cc24dcec3ffa5c068394edf57bf11d5f28b03526a4eda95d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-3051 Malicious code in shopify-app-extension-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf25a3a07b9adf8865f783819176d646b7c5485aeb1539422555bf596abfeaa7 The package shopify-app-extension-template was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in frank-research-poc-apple (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 216e5eb321826d85c29f23b333d509a469f138b5317a41b818da919bc9bf9c47 The package frank-research-poc-apple was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3056 Malicious code in @clearpool/comms (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f79c0a598ffe54e6eba22b90afd0c9bbb902c3086178c2ea2a9227e002e399d The package @clearpool/comms was found to contain malicious code. Source: ghsa-malware aac3d8fce06f495311a581ee9a8f6acf42b7ea35162b9a3387ad6040adfef4...
Malicious code in @clearpool/comms (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f79c0a598ffe54e6eba22b90afd0c9bbb902c3086178c2ea2a9227e002e399d The package @clearpool/comms was found to contain malicious code. Source: ghsa-malware aac3d8fce06f495311a581ee9a8f6acf42b7ea35162b9a3387ad6040adfef4...
MAL-2026-3059 Malicious code in @clearpool/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81591bb660ad3ae2036615d00a3ff6960ccd2f36789a4f0df65a53ea7a557336 package.json declares preinstall and install lifecycle hooks that collect installer-identifying data whoami, hostname, pwd, $npmpackagename,...
Malicious code in frank-bot-gogle-cloning (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44bf385867bdd18d9634c115e9e423146f198038e6fdb1d6dca9c95743f3af4b The package frank-bot-gogle-cloning was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3070 Malicious code in @tw-marionette/clipboard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9309f16e4a8a15191279d206290e2ab8f8dfa9daeae0df7b92c09bc9a1d726e4 The package @tw-marionette/clipboard was found to contain malicious code. Source: ghsa-malware...
Malicious code in @ozon-complt/split (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77c1f495268eb36a5d6c7f43e110ffb8cb58953bce375fdb4e6feb02818b3ce0 The package @ozon-complt/split was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3067 Malicious code in @ozon-complt/split (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77c1f495268eb36a5d6c7f43e110ffb8cb58953bce375fdb4e6feb02818b3ce0 The package @ozon-complt/split was found to contain malicious code. Source: ghsa-malware...
Malicious code in @apple-pay-trust/start (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92fc55ea349311a75b2010e08e3c5bc6ad5498bf7f0ed78d942231a42ca46f8d The package @apple-pay-trust/start was found to contain malicious code. Source: ghsa-malware...