14 matches found
MAL-2026-4418 Malicious code in @pluxee-connect/api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f5056dda18e9a9f440db7379d09fa1f9f7ff087ac00d6684170cddd40c240e9 On npm install, postinstall.js collects os.hostname, os.userInfo, and process.version and transmits them over plain HTTP to...
MAL-2026-4655 Malicious code in qr-code-styling-temp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 004a5cc51cc0e38448c56189fb4437ad113eec163f7ae1a7692b88d6aed71182 The package's install lifecycle script node index.js and its main entry both load lib/core.js, which reads os.userInfo.username, os.hostname, and the...
MAL-2026-3748 Malicious code in @pelmnaads/naads-common-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68990dfacdc750bf464d646aca4855c2dd23bbefcadef1d9638e2d663a23fc57 The package is published to the public npm registry under @pelmnaads/naads-common-logger with version 19999.0.1 — the canonical dependency-confusion...
Malicious code in a2a-chat-canvas (npm)
Malicious package due to suspicious callback URL, hostname exfiltration, preinstall script execution, and only one published version. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d466a45c588940f8279288c439a4665d5368f0a7642c966de8e9fd307bc028b3 The package...
MAL-2026-2524 Malicious code in a2a-chat-canvas (npm)
Malicious package due to suspicious callback URL, hostname exfiltration, preinstall script execution, and only one published version. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d466a45c588940f8279288c439a4665d5368f0a7642c966de8e9fd307bc028b3 The package...
MAL-2026-862 Malicious code in get-incorrect-name-bob (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5cb10edcf75f6463de2adaa0a621cf5fb215b5431a87d36a3b94e1910fb774ab While disguised as a dummy MCP server, the only real functionality is exfiltrating hostname on importing. --- Category: PROBABLYPENTEST - Packages looking like...
Malicious code in byte-flux-3822a6dd00d6414daba3ae0de3930a5a (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cec00e10a19e19684fc4887fa09aa1025aafc00f1121baacdf55f0c3b2ba9aec A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in byted-flux (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a8424c4934716d4a7390731613807c89bca1d0f11a56e3062dacef247d859e80 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in byteqs (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d6ca35190c57f806dbb3337e4639f179f6ece665392e5972341cba92767f2747 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in bytedsp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 66e4cc5b96bf24d76cba76d3ffd653ae5eddc1926ddd0406c372d62a62cc7052 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in byteff (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a56aa5a63bf5b3ed081b62351f3aedb42fd6c2e834ab240922247add79aee664 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in bytekafka0-0-15 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0f3f2cbd161379b1f474af51611780606cf694273c13d7f0db7bb3869f03de02 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in bytesip (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e2991197ed35fecd1cd6b875cde845773ed34ed5c51f1392f237ad8c9d6cb37e A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in bytekafka (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 32c6550914bf83f03b46acf778161efaee327dd537aa2ce0b6fbc53584c854f4 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...