Malicious code in hardhat-evmchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f369bb56919b0bda50e063229cfaf0fd1b0481d62c6d5fbdf90eb6e5cd6ac6e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5072 Malicious code in hardhat-evmchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0f369bb56919b0bda50e063229cfaf0fd1b0481d62c6d5fbdf90eb6e5cd6ac6e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview hardhat-evmchain is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview hardhat-gas-analytics is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in hardhat-gas-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71b0b8dd866d9c1f4516f4e537a2d61ea3cbe87f06b0195a24c0dea76fef44c0 This package typosquats the widely-used hardhat-gas-reporter Hardhat plugin matching its cache filename .hardhatgasreporteroutput.json and replicatin...

MAL-2026-4576 Malicious code in hardhat-gas-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71b0b8dd866d9c1f4516f4e537a2d61ea3cbe87f06b0195a24c0dea76fef44c0 This package typosquats the widely-used hardhat-gas-reporter Hardhat plugin matching its cache filename .hardhatgasreporteroutput.json and replicatin...

Malicious Package

Overview hardhat-gas-profiler-plugin is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in hardhat-gas-profiler-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21e0ec3571fccc81c8e047835e84f75b6f0d95e2e4ee7e3d11537b99eab8115 Package impersonates the Hardhat plugin ecosystem real Hardhat plugins are published under @nomicfoundation/; the referenced github.com/hardhat/...

MAL-2026-4244 Malicious code in hardhat-gas-profiler-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c21e0ec3571fccc81c8e047835e84f75b6f0d95e2e4ee7e3d11537b99eab8115 Package impersonates the Hardhat plugin ecosystem real Hardhat plugins are published under @nomicfoundation/; the referenced github.com/hardhat/...

Malicious Package

Overview hardhat-core-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in hardhat-core-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1b62021752710dce40c5fa0491b2c8e75454d25ee7e80bd15e3b5a99ace923ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3728 Malicious code in hardhat-core-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1b62021752710dce40c5fa0491b2c8e75454d25ee7e80bd15e3b5a99ace923ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-3722 Malicious code in npmjs_hardhat-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 73b9457a26db5dc4cbd5563b20a8ac3cb1ee43af160893d862ff2c0e0d4aea0d The OpenSSF Package Analysis project identified 'npmjshardhat-common' @ 2.0.0 npm as malicious. It is considered malicious because: - The packag...

Malicious code in npmjs_hardhat-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 73b9457a26db5dc4cbd5563b20a8ac3cb1ee43af160893d862ff2c0e0d4aea0d The OpenSSF Package Analysis project identified 'npmjshardhat-common' @ 2.0.0 npm as malicious. It is considered malicious because: - The packag...

Malicious code in hardhat-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b72f90917aaff5b42d639bff4d28227b0cd2105ce4d2b109577a76b9d7003ecc The OpenSSF Package Analysis project identified 'hardhat-common' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2026-3712 Malicious code in hardhat-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b72f90917aaff5b42d639bff4d28227b0cd2105ce4d2b109577a76b9d7003ecc The OpenSSF Package Analysis project identified 'hardhat-common' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...

Malicious code in hardhat-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb86c79e7ed3cd429c0f28bc08e00ce020df2ec42fdda086ad8bfca99f259930 package.json declares a postinstall script that base64-decodes the string 'aHR0cDovLzguMjE3Ljc1LjE0NzozMDAwL3BheWxvYWQ=' to the URL...

MAL-2026-3713 Malicious code in hardhat-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb86c79e7ed3cd429c0f28bc08e00ce020df2ec42fdda086ad8bfca99f259930 package.json declares a postinstall script that base64-decodes the string 'aHR0cDovLzguMjE3Ljc1LjE0NzozMDAwL3BheWxvYWQ=' to the URL...

Malicious code in hardhat-starter-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 127bcfdba774e2dd942b89041f670f62c7523c32b766606d81a1b229b961b1a4 The package hardhat-starter-kit was found to contain malicious code...

MAL-2026-2769 Malicious code in hardhat-starter-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 127bcfdba774e2dd942b89041f670f62c7523c32b766606d81a1b229b961b1a4 The package hardhat-starter-kit was found to contain malicious code...