3324 matches found
MAL-2026-6399 Malicious code in normalize-plus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8d9638f9c3f81ac15972cf2ff227b2d426a72c5e37035e54402648fe8120675 On import, normalize-plus's top-level initPlugin performs an HTTP GET against https://jsonkeeper.com/b/CI3HT, parses the JSON response, and evaluates...
Malicious code in multer-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50b4df9cf15644bbea3ed944cbf168fdbad1619d0c3e10fff653b0d48c10bbb3 Package name 'multer-express' is similar to the widely used 'multer' middleware for Express. No malicious code patterns, install-time hooks, or...
Malicious code in sync-external (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc297a0deaba794fdbfccc280a79c7cc895f21fc4e0122b1fba1bc4759b66c3f The package ships an obfuscated JavaScript file at shim/index.js using hex-style identifier mangling 0x391f3f, 0x3eff0a, 0x534564, etc. characteristi...
Malicious code in new-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47f6e9bcab53d95265012a31a4dcfc1485ed6db858e788e68ac2ac1ebc33fc34 index.js imports childprocess and contains execSync calls invoking bash and zsh around lines 301 and 317. Without traced execution context, it is not...
MAL-2026-6202 Malicious code in ethereum-gas-reporter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7303c828115a527d477ea14684b3015e43fdcd36a7fa94041c16ccb3c2fbcfcc index.js line 144 contains require'chai-assert-kit' appended after the module's normal exports, with no other reference to chai-assert-kit anywhere i...
Malicious code in intquery (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf4fe75f735c39be9ffe01686f69fd519c1408dd3473bb833506e1948fbc74a7 [email protected] is published under the name 'intquery' by 'Stagnation Lab', but its README is a verbatim copy of the unrelated project ts-logger-pack...
Malicious code in data-utils-d703 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e172168e5ac500d10ae42718a87676ad44a589b31dbeb5f902ea7fb1c4e6a984 The package declares a postinstall lifecycle hook "postinstall": "node run.js" in package.json that executes run.js automatically on install. run.js...
Malicious code in @mastra/loggers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5225485064c54423eac85ed05753c97466d46c15d9b59dbe48193b115f538b3b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in sodel-pych (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7d67bcaf42f4ef050a6b824dfbc2f711d6820f7b3b1140d211110f390e512fa The package ships several files whose names and contents suggest a non-trivial install-time and runtime footprint: a postinstall script...
Malicious code in @mastra/mem0 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0103dbf66edb7ceb716e244ea15e4a68e439052d93646cb1107c780e79620541 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/gcs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 722de440c55cc50c4576818745c16ee5105f7cf4c61295943a07826b22be9387 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/voice-aws-nova-sonic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c109adf5a77f9ace07bb1f5ec93cd8d3464bf675b7a93abc5fdfd64669f0c75 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/daytona (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f6f64aaa3f1a7153a8a1bcb09d5f37bf46cbd5855c6fbf2a2b07bdec3ff9d6b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/stagehand (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0705d4d586f3c6d9899944e40be408bf7a454e7f62ed811cb4ee5778d707f43 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/docker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a207ac447f34657bb3cf28f05850031dc57ccb5a9b1082e792a7e420ef0fbc0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/claude (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43c60df59e1fa51bbf7a5f6737d2c362f205589d70025f426f1004859168b1fe The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6010 Malicious code in @mastra/convex (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acae13d27edf4e66aa693ee00ce3df3eb508a09c9bf7a9b934a9d3804653f3ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @mastra/qdrant (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d56b9276df2c5f66da957d7e30e4ed702cba5053f80e1a9f715b016b2e66a043 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6009 Malicious code in @mastra/cloudflare-d1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b90c0979e73c015971950dfb03979edacfce9b04f146f9b118092118bab6d83a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5999 Malicious code in @mastra/auth-auth0 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0fbe96c59a0cfac17ddbee22541fc2ba13a1ef82c91d75bc4b202c66aec4e4d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...