Malicious code in martinez-polygon-clipping-tony (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dabf04b2f99e28eb10740bd7459bf64513fac98a064b60071b1e7aabf8674dd0 Package name impersonates the legitimate martinez-polygon-clipping library: README, badges, and API surface are copied verbatim, while repository...

MAL-2026-4177 Malicious code in did-0091 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a50f30be232b343bc9dff677d6c208f16fff861009dccc9f76409d37264205b On npm install, the package's postinstall script runs node -e to fetch the installer's public IP from api.ipify.org, execute id || ver && whoami &&...

MAL-2026-4175 Malicious code in collected-forms-embed-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b110466fd12f426709ec7f628f63304d175faddb8094d08e8448388ed3114805 The package.json declares a postinstall lifecycle hook that performs reconnaissance and exfiltration on every install. The script invokes childproces...

Malicious code in paysafe-gbp-virtual-assistant-lib-fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 940faf3ecfa6ee3c09c995a5f124d4a3b53bf2e2e5eaccea8156ce7bd25494eb The package paysafe-gbp-virtual-assistant-lib-fe was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-4165 Malicious code in paysafe-gbp-virtual-terminal-lib-fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8437cc0ad1a14bf5694e8b5fbc17a0616033c1c473c6e71f46684172bc122ab3 The package paysafe-gbp-virtual-terminal-lib-fe was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in paysafe-gbp-virtual-terminal-lib-fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8437cc0ad1a14bf5694e8b5fbc17a0616033c1c473c6e71f46684172bc122ab3 The package paysafe-gbp-virtual-terminal-lib-fe was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-4164 Malicious code in identitysecuretokenserv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2704e731d0b82aa5927cf3713f741111b03fe8efb2d886cb0ef472a24705c5e3 The package identitysecuretokenserv was found to contain malicious code. Source: ossf-package-analysis...

CVE-2026-27964 FacturaScripts: Reflected Cross-Site Scripting (XSS) via Cookie Manipulation

FacturaScripts is an open source accounting and invoicing software. Versions 2025.7 and prior contain a Reflected Cross-Site Scripting XSS vulnerability through the fsNick cookie parameter. The application reflects the cookie's value directly into the HTML without sanitization. The fsNick cookie ...

Malicious code in ctf-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23293f1bc28e465f7ffaf916fd8a6cc3958b873a2b338b81c0bf71bb146d1d36 package.json declares a postinstall script that runs node src/install.js after building a local binary. src/install.js is a 175 KB single-line payloa...

MAL-2026-3812 Malicious code in @easytipsportal/node-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9892fc2e2c3a9d9fe3c09548d1f5f2901a296945e9bde7d9ec7876a12720b6cf The package @easytipsportal/node-helper was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in apexpro-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95c8a3b29ed31b909fa4a13a8b310c4cee8f115748f7b708aeab52ab2b66fdbb The package apexpro-node was found to contain malicious code. Source: ghsa-malware e4cc91e23bb614febd12cef6d21d4456fb9cfa198c2aa76215d1b38dd820d9b4 A...

Malicious code in apex-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33a26a7f829a26ef83ab119b6d61de6109d553f0b34432bf1efb37d5f56f4064 The package apex-connector was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-3816 Malicious code in apex-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33a26a7f829a26ef83ab119b6d61de6109d553f0b34432bf1efb37d5f56f4064 The package apex-connector was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in apex-trading (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cf744353f06f389c92cd15c56bf0ec7d29860e8af7c9618413cf65e455428eb The package apex-trading was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-3802 Malicious code in @datatrain/passenger-v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ff70d96169a200be30c83b3e37506f7abf2f377ed1d6dec8005269d98b58104 The package @datatrain/passenger-v3 was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-3741 Malicious code in pyexecutorsme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 326ad16be9056f6cbd75fa4f9a47dec8c3613b56aa53d3e5d439efeef7c6fcad Package attempts to download and execute a script acting as remote access trojan. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Malicious code in npmjs_solc-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b789c7234e3c391e6e2f6359d87f873205fb341c1bf186194815b16d53c7fa71 The package.json defines a postinstall lifecycle hook that invokes childprocess.exec to run curl -s...

MAL-2026-3723 Malicious code in npmjs_solc-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b789c7234e3c391e6e2f6359d87f873205fb341c1bf186194815b16d53c7fa71 The package.json defines a postinstall lifecycle hook that invokes childprocess.exec to run curl -s...

MAL-2026-3722 Malicious code in npmjs_hardhat-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 73b9457a26db5dc4cbd5563b20a8ac3cb1ee43af160893d862ff2c0e0d4aea0d The OpenSSF Package Analysis project identified 'npmjshardhat-common' @ 2.0.0 npm as malicious. It is considered malicious because: - The packag...

Malicious code in ethers-wordlist (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e4261f96d799bebaea4ab253b91369a16a0f67f001adbf21399f8330cc4ae011 The OpenSSF Package Analysis project identified 'ethers-wordlist' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...