Malicious code in @bcs-react-ui/context-menu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22d7735468c4f2cdf66767c4b52a6a089b195ea5bb820b82a03690fb0c9586bc The package @bcs-react-ui/context-menu was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2579 Malicious code in @bookiply/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd6b31f3177ed87f264b6338a9fe54bb910142b5622bba68372acbac801268d2 The package @bookiply/core was found to contain malicious code. Source: ghsa-malware 2887f360cb9e14cb6c6065ddc86c7aa69674edb8d09486f31b3256f376894e8f...

Malicious code in typescript-vue-apollo-smart-ops (npm)

The package 'typescript-vue-apollo-smart-ops' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

MAL-2026-80 Malicious code in smartspacestoreapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 131fda466c1132087962cfaaecf0a2f836548024dd31f9f0982764d87534c931 The package smartspacestoreapp was found to contain malicious code. Source: ghsa-malware...

Malicious code in @posthog/rrweb-snapshot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e09f740a4b99a55a685452aa412d77942e67c0de95136282343012196ed7bf41 The package @posthog/rrweb-snapshot was found to contain malicious code. Source: ghsa-malware...

Malicious code in synqroomkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 914da44da2183d035b344098fd0e5fe8c942b80666fa3cbcf855efc2b2239faf The package synqroomkit was found to contain malicious code. Source: ghsa-malware 55bfdc58beccccc6ae0646990cdc186d46c910ef90f5abdcf0c6e4d1d8b52024 An...

Malicious code in isood (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95552c81d5afcf7c02c3015baf503fa6c6fd1e22457eb2ac421aec6353dd50da Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tailwind-classes-overrides (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3533ded19e56068694976a22ebcd933310fdb82d4b79857298b09a3f5e30389b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47192 Malicious code in mysteryxyz228 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22682ceec435c59527a3d5aef373a154b9df5154463ebbe5620cc739d5c7e57d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47063 Malicious code in hrpdesign (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e370e366167f90ff8c5a3a171abe2bb14e301cdd2d5499e98f66bd1e653fcf88 Any computer that has this package installed or running should be considered...

Malicious code in @subsplash/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 689eb4db6c52e3ce55d130f22da039b110c816b7a03395db966a87086272fd42 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in online-learning-translations (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 868acedaa0c2050db6943bc3a4a1b309e10110417f79ea031b8b01107f4fc599 Any computer that has this package installed or running should be considered...

Malicious code in test.relativity.package (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0622baf7ab0ff027e2486e3839df7b968fcf6e47ba57656415c1b3a1005d02c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in zora-logger (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware feca2e7f9d5aafeaafed7175bed1bc94f57e9d037a6427f54219d5a59ecca0a3 Any computer that has this package installed or running should be considered...

Malicious code in ohhttpstubs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 642efaac1637742aa2d3755af417f202219293d844b0c0ec46300fa7fdfaf046 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in iceberg-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80881b9c9051ea4744eeccd8038c44bb7bf6fd18b1535d8319cdf556cca76282 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in outline-shadowsocksconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac9c30589865091fb269aa3d3071ffe0d15ca8b8a8848e0363d338514f8b89ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in jsonpacks (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac52c02d71a2abffc04dfdf50a9fe8a652c73d1e71d96a44e4c28275f19dd291 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in uignite (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5b5cad81db450339a0757b061ec3451b681549d64b58b8ef18bb17baf584084d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in nusign (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e5abb5aed02d3e6ddea2218e353719dd67a4a00bdc801c4347a7ed49f8f08a1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...