121 matches found
Malicious code in percy-cake-docker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf9ba1c1f0935698da1dc2d1856efe1994c5b21139eec04f6eca712e85925f2 The package percy-cake-docker was found to contain malicious code. Source: ghsa-malware...
Malicious code in @b2b-portal/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a28e67919e3dfef2a8a434caec109791355b6f43d434d22bd9515f348a692c5e The package @b2b-portal/core was found to contain malicious code. Source: ghsa-malware 7a10dd57d5e27c26f36c8207faa6449838827281be33c9ecc99e025cfdea19...
MAL-2026-2101 Malicious code in sidebar-basket (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abd1b121a57bf0b4d96e4f902f6d051ff5b485ab7fc412f8940ce2c294ddb660 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @leafnoise/mirage (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 157e0e66e325f6fc597250166e5f27d4fef94ef77d3d758ab52e0df7eca85114 The package @leafnoise/mirage was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1476 Malicious code in jalalstealer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18913d1d0805eb9183a23aedfba3cbef762c642f82c079dd24711102fd20951e The package jalalstealer was found to contain malicious code. Source: ghsa-malware d760ddb75dc632737c4e778e0ac4db4522bd8584240834cbefe9bffa1948999c A...
MAL-2026-1521 Malicious code in lit-a11y (npm)
The package 'lit-a11y' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...
MAL-2026-1391 Malicious code in @dinzid04/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e75cf71f0ce959b1ec335f4481db2cc423250422c02e9bf33d40e12b6f541760 The package @dinzid04/baileys was found to contain malicious code. Source: ghsa-malware...
Malicious code in mezukabil (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 116aeb117747dfbea2f28ecfaae0e59f69c1c476942bc00335519de4e68a8c84 The package mezukabil was found to contain malicious code. Source: ghsa-malware 554fc63eb509f787fc60a615d7228f13eb692391a1a1dca733d3031716dd2ff8 Any...
Malicious code in bee-quarl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90e7b3eadcb23e766223167d16f561fd64fe44ec63f6e77afefe38966da2fec The package bee-quarl was found to contain malicious code. Source: ghsa-malware 642b83461b49019b47d27820b1dbaed267f2365eecf5fc74467d02192ec662aa Any...
MAL-2026-674 Malicious code in freedom-baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4512163cbee4473b3f1fec8504df8a156ada7ac4ca90a763fb9968ba58178ade The package freedom-baileys was found to contain malicious code. Source: ghsa-malware 7c21d9105c9c9c7f67546b69fd620327c3b304280b1113d557601d49a0639cd...
Malicious code in zod-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8d6e0134575d22df9c8acb633e41aeb44e167203581cee75c81264667e9bdee The package zod-js was found to contain malicious code. Source: ghsa-malware df349fd5990c0cb74fcaa574f32fd30796c00bbe619ee60bd0eac1a658c7dd49 Any...
MAL-2026-102 Malicious code in redis-cookie-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 509b8c9645600775859de8538bbca62aac7f273789f1b43a370c814e2a061acc The package redis-cookie-ts was found to contain malicious code. Source: ghsa-malware c3c52170c4adfaeed7862716007e61fcaa3cfc702c729b6487746c1f3184f3e...
Malicious code in elf-stats-sugarplum-fir-770 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba9b8e626ecf42f5770535353dad46da3dbae1b468a54040b1024c069ead0f72 The package elf-stats-sugarplum-fir-770 was found to contain malicious code. Source: ghsa-malware...
Malicious code in parashaxmgflhg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdda116bd0a2b0781e654220ab234ff95b506895228408081d28a8feecb133a8 The package parashaxmgflhg was found to contain malicious code. Source: ghsa-malware adaefa29b084fb54754d232d8977f7e409c217633c600de7989054b4e12536ca...
Malicious code in react-svg-fill (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 995c6ef17232fb1949de6b62053246036337cb070a7b06a466bb122d789c9ca3 The package react-svg-fill was found to contain malicious code. Source: ghsa-malware b09c58dca53550942f8c2595496e45d321f85551e7ce7a94e7059e50448f4709...
MAL-2025-192300 Malicious code in elf-stats-marzipan-cocoa-562 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5eef2a7b97397b3b317b2e74da3cf23e6c43147a144bed8c3fbcbb35ca6249f The package elf-stats-marzipan-cocoa-562 was found to contain malicious code. Source: ghsa-malware...
Malicious code in normal-store (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f3cc821206cbfa969e8f4e3472a09caf43736b8e70d4ec80ed20931b64406b8 The package normal-store was found to contain malicious code. Source: ghsa-malware 1e1d6a2537e74912ec3831bf85e49e8ba908fc28838ec60c07f7218717ba36ae A...
MAL-2025-190562 Malicious code in node-calculator-3e62 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1703fc5c6d064d50b797ea676b0a02186a5cce75afc97191661b8aaa82624543 The package node-calculator-3e62 was found to contain malicious code. Source: ghsa-malware...
Malicious code in abeya-tg-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37d3c8662c688eccce2f52334ff40029218abfe48b990a194be49c6e01f5fb57 The package abeya-tg-api was found to contain malicious code. Source: ghsa-malware 01b4d597b84a4aa049cd970002730cf004fb59ff7fb53a7c70196644a0c047e4 A...
MAL-2025-49081 Malicious code in dezcord.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1376788b01add01972ac5e18172db4fbfcde5c78e3f51eaf8fc170e5d44532c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...