1713 matches found
EUVD-2025-114195
Malicious code in electron-fork-mira-yakutsk npm...
EUVD-2025-121732
Malicious code in spinner-enif-spica-fork npm...
EUVD-2025-122335
Malicious code in sagitta-child-process-zenith-fork npm...
MAL-2025-147408 Malicious code in reveal-md-fomalhaut-prettier-plugin-markdown-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d25496969ba6f5cfa6a577fec4881ee98ade2aa99f41eb8e9d304e1c8971161 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145270 Malicious code in nashira-config-fork-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 893df40a746a89d4d64ef239e7ba6265dd6d0d5a966591c11ffbd8f4c401280e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-149501 Malicious code in winston-javascript-fork-pino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c31d8ef523f64895d99cdf3b37549e07b7ff03de07b73488c2b778f8569fd1ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142581 Malicious code in fork-carpo-xenos-element-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73d435d055edbf91ca49fedb64f445e1a347374a30a36f392b0215d325440de2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142589 Malicious code in fork-gulp-bellatrix-semantic-release (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6373b65f6de2f3650a7c758c470a6c57c3364116da0f1ed56b7c095fbcdc50c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143487 Malicious code in hyperion-materialize-nodemon-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08f56f7239d33a4f26bba7157fdc7d40cd6afba61903753d0d863f6362591d5f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-191702 Malicious code in chromifypro (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4138883ad2e38b4a8a4353918126f4732db5f04107be0bddafc745ec97120b52 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
USN-7835-5 linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
USN-7835-5: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989485)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989485 advisory. In the Linux kernel, the following vulnerability has been resolved: aio: fix mremap after fork null-deref Commit e4a0d3e720e7 aio: Make it possible to remap aio ring...
x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()
...
USN-7835-4 linux-hwe-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
USN-7835-4: Linux kernel (HWE) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
MAL-2025-49257 Malicious code in fork-spoon-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 230cc34701f276fd7c72ba75f580a0615bc12a6720dd3bedb7d98b99b24651c5 The package fork-spoon-fork was found to contain malicious code. Source: ghsa-malware 0e5798d27152d0cd13a2c05a43a6ffd1ec5ee70023bbffc173181ec3ecee8e3...
EUVD-2025-37249
Malicious code in botty-fork-baby npm...
Malicious code in botty-fork-baby (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 163cfd59ccdc251deb14c3ba812a8125ef8b4970b3d0ce4d99f155b44b359adb The package botty-fork-baby was found to contain malicious code. Source: ghsa-malware 9de1cc3699112a7cab37aafff858654d0c3f789ff52cb908e33691b1006c247...
Malicious Package
Overview icon-react-fork is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...