MAL-2025-190937 Malicious code in undefsafe-typed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71757e5cdef13d215b8506dfd5b00831fc29a7a24e208472c79fd40c2abe7967 The package undefsafe-typed was found to contain malicious code. Source: ghsa-malware 1a19664890dd6d9bba23c333e1095114841ef498dec4eaa02c1bff38bc80aa4...

MAL-2025-190941 Malicious code in use-unsaved-changes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96deeb533a3de753f2de9201e46a0a8ccfa79d22d848ed8cbb20f19b36242ae6 The package use-unsaved-changes was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190942 Malicious code in valid-south-african-id (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a363caeeaaa83a715f0d38b64608e11a39a272a42abe53c92dbbacb133dc927 The package valid-south-african-id was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190943 Malicious code in web-scraper-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dfaccc27abfc21f8c77b6fdf8878b91578a74d08526e6995cc52c2922ca3588 The package web-scraper-mcp was found to contain malicious code. Source: ghsa-malware 836f393eb6f0f8e726f2a49d47785c31473723f76d1f6a6e6e2d6d75e53e5dd...

MAL-2025-190933 Malicious code in @ensdomains/ensjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74ce8cdecb360978039fe3643c9104a6e6572f6276b1d852891617c13f8eeb6b The package @ensdomains/ensjs was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190934 Malicious code in @ensdomains/ensjs-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f73575f4b186fbdf20e0a27b2bd9e1fae8839ea9f17e4648c96e6d4bf4f96da The package @ensdomains/ensjs-react was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190932 Malicious code in @ensdomains/ens-test-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3393f85554fe6141b0f72e2f23d0940b102522348e71f60d407dc1471de8f6a9 The package @ensdomains/ens-test-env was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190873 Malicious code in @posthog/automatic-cohorts-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf3963e4ab04b6b37d6cbb3f237a7b5577ddd854a7249a30f8b78dcc063af97 The package @posthog/automatic-cohorts-plugin was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190905 Malicious code in @postman/pm-bin-macos-x64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7af6b141ac3ae548c7fadfe1523b270a35c69e8f5c20035f682e9ee726f1bdec The package @postman/pm-bin-macos-x64 was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190877 Malicious code in @posthog/event-sequence-timer-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db26ed26bc40e436602c36fa1c507d324e650f5aeba5a15875e59daadc8a5a14 The package @posthog/event-sequence-timer-plugin was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190923 Malicious code in mcp-use (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e38bd6291f6f6d66e34397d1b1495513a53528efac94b63487a1646eb7aa45af The package mcp-use was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190919 Malicious code in @zapier/spectral-api-ruleset (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3f10a9695952f169fff0da94ca1ea47045d97dd486857aad5dbc7b608e2316b The package @zapier/spectral-api-ruleset was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190893 Malicious code in @posthog/snowflake-export-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64fb205150fc65f2334ab9ca1530bec4ef2d4dfea99ca328bfda4c70063ed793 The package @posthog/snowflake-export-plugin was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190888 Malicious code in @posthog/pagerduty-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34f138dd2e1bf5607f92e6db9b88a64a178880202726e7dccf9d2970644cf007 The package @posthog/pagerduty-plugin was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190927 Malicious code in web-types-lit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35a949be18eda53349645226baa05c49f057d118e0343aee348fe75d0dde61dd The package web-types-lit was found to contain malicious code. Source: ghsa-malware 33c93b24ea8e92f97d8d57123f682db8c606b6c469b013baa1015b99a6de9ee1...

MAL-2025-190898 Malicious code in @posthog/variance-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1c9085321697fd859b0942dbf2e1f3d6ba0f4a32711bf0764e8c511c2b06df3 The package @posthog/variance-plugin was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190899 Malicious code in @posthog/web-dev-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d8d0531931bec7f4add3b4f255b7f6572d28ff3edf2774f7d076fde394eb405 The package @posthog/web-dev-server was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190922 Malicious code in create-mcp-use-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2781601c3ba0c5d6d4b78bf322d88a4d189473e68d2382c171106342acacd271 The package create-mcp-use-app was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190921 Malicious code in capacitor-voice-recorder-wav (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15d039d86e89d2e74c80f640d3c4dc358a5e3fc0b972d07a1d08b9c5dee3dad9 The package capacitor-voice-recorder-wav was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190907 Malicious code in @postman/postman-collection-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64948ce72be9099e788f3fd4ab6f5a1a67d0012429ae4e198bc7baa85a5197dd The package @postman/postman-collection-fork was found to contain malicious code. Source: google-open-source-security...