MAL-2026-6433 Malicious code in rstreams-shard-util (npm)

The rstreams-shard-util npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

Malicious code in @bdkinc/knex-ibmi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85cc012fb765319451923141ad4b7e0436b8033482b80dfd67bcc460923c2ae0 The package @bdkinc/knex-ibmi was found to contain malicious code. Source: ghsa-malware...