937 matches found
MAL-2026-3348 Malicious code in @rivianlabs/bedrock (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d12061e491ebc9109496b77ffd62384bba9a781ac9f0579343a61c5742df351 The package @rivianlabs/bedrock was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in bizsignupnodeweb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ceaf1cee13e367f987a97f8de4c8fb4985ab1eedd49be1912467793dce9f0ef9 The package bizsignupnodeweb was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in tripica-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2094e4c510f7d9f01acaf3dcdb4e2fda46afbe56f235d8168d81bcb984e52fc3 The package tripica-library was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in api-umbrella-admin-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f5afbcc650f7845d47544c5033aba92c5a2ab80d2e0d27e99437ef31cc6c249 The package api-umbrella-admin-ui was found to contain malicious code. Source: ghsa-malware...
Malicious code in demeter-protocol (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
Malicious code in api-react129 (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in @hpx-core-experiences/react-my-account (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6805 Malicious code in nodejs-with-singlestore-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2dfae81e2129cf717fbae5a22ecd1938d1ea741de0968e42d5363363d6ea2dfe The OpenSSF Package Analysis project identified 'nodejs-with-singlestore-demo' @ 1002.0.1 npm as malicious. It is considered malicious because: ...
MAL-2025-6803 Malicious code in packaging-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 343a977aea5f3758575b0bb285b1b1c6faf664546c14b1118a3b4c72798a0f55 The OpenSSF Package Analysis project identified 'packaging-common' @ 7.7.8 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6799 Malicious code in epiro (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7122f2d54ca4daac05c1acb2f7b2606264eb310be4585dc75a345a1d38ec52ab The OpenSSF Package Analysis project identified 'epiro' @ 1.0.0 npm as malicious. It is considered malicious because: - The package communicates...
Malicious code in @evt-cdk/core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a8a0ad11a64b544d80bc12997810cd5b4bf68f64136221617a6f7d54173491f7 The OpenSSF Package Analysis project identified '@evt-cdk/core' @ 7.0...
MAL-2025-6796 Malicious code in lynx-libs-mono (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7dcde725ba12b559bfd1e62b8d6058ced4b0a5ed11b9f168f8f6f576b42ef801 The OpenSSF Package Analysis project identified 'lynx-libs-mono' @ 1.0.10 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6795 Malicious code in productboard-freemail (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6a6e97fd17d98afb5fe43af9593d6e212069bdd9fcf008969bb1773d097e22b7 The OpenSSF Package Analysis project identified 'productboard-freemail' @ 10086.0.1113 npm as malicious. It is considered malicious because: - T...
MAL-2025-6789 Malicious code in dionisio (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eafd017c48863d43324ba67c2aa3770cc03881cca223fccfc91da0e8af92c1fa The OpenSSF Package Analysis project identified 'dionisio' @ 2.0.0 np...
MAL-2025-6790 Malicious code in productboard-html-to-image (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 24e8ec19821daa19bdac16799a3680ec30ae9d528b20a58e0d8c5314c9c6d791 The OpenSSF Package Analysis project identified...
MAL-2025-6788 Malicious code in gsochub (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6c4ef23e2b37d9180f06b73ca4d6c919d854525b1bdf01ce97cb156df68e2c6b The OpenSSF Package Analysis project identified 'gsochub' @ 8.1.2 npm...
MAL-2025-6704 Malicious code in byteplus-public-aiso (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-6703 Malicious code in byteplus-platform-runtime (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-6770 Malicious code in thisisthedaventestz (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-6700 Malicious code in bp-console-fe-sg (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 521bbcab75dfeaca681fe4eedeb12dcfbe52f54514441c4c397cf234030ca4e1 The OpenSSF Package Analysis project identified 'bp-console-fe-sg' @...