6 matches found
MAL-2026-5427 Malicious code in @payment-review/store (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d624eaefbb0245bf0c9a7b598c461a3ba5ec48005cfec223898062741ef8c2e package.json declares preinstall: node index.js || true, so installing the package automatically runs index.js on npm install. The script collects ho...
Malicious code in @payment-review/store (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d624eaefbb0245bf0c9a7b598c461a3ba5ec48005cfec223898062741ef8c2e package.json declares preinstall: node index.js || true, so installing the package automatically runs index.js on npm install. The script collects ho...
Malicious code in @card-pci-data/store (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a82d7b7e7588c4b773e2948eb1707e62f2fcece2bec37a23eda5d5058eae871 On npm install, the package's preinstall hook scripts.preinstall: node index.js || true runs index.js which collects host identity — os.hostname,...
Malicious code in shop-minis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e9e3e4e8e9e12bac20967fa551c549a93915b33007d7e54f8bfe0eed26a216e On npm install, the package's postinstall script postinstall.js, run via scripts.postinstall = 'node postinstall.js' collects host identity — whoami,...
Malicious code in arc-diag-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95f08d97107d726a6ae90afbf8e354b84a7e13d4a236bc8766180a362cc8344c On npm install, the package's postinstall hook runs id to capture the installer's uid/gid/group identity and opens a raw TCP socket to...
MAL-2026-4732 Malicious code in workrally (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 502275ca25c6fb0e28db57d91789be11e347b5f21696ed45e15c015d123eaf51 dist/index.js imports childprocess and runs whoami observed at multiple call sites, then POSTs the result to a hardcoded remote URL...