4 matches found
MAL-2026-5418 Malicious code in @nstrlabs/api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de7b47a7f81209dbbaff286599b46f4f030ff992b6d0c25d947cc84739b838d9 @nstrlabs/[email protected] is a hollow package whose only behavior is an install-time exfiltration beacon. package.json declares "preinstall": "node...
Malicious code in audit-logsss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f1d266fef23fc79d6af52affefa68c2220baad023d09a7acc4d439a23dfdb69 The package's postinstall script executes shell reconnaissance id || ver && whoami && hostname, fetches the installer's public IP from api.ipify.org,...
MAL-2026-4506 Malicious code in cb-wallet-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d076ee3d487c7c10f785494c4391e39eb327b696224d5653746144fa5ac8d37 Package name 'cb-wallet-data' targets a presumed Coinbase-internal namespace and is published by an unaffiliated party. Both postinstall.js npm insta...
Malicious code in cb-wallet-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d076ee3d487c7c10f785494c4391e39eb327b696224d5653746144fa5ac8d37 Package name 'cb-wallet-data' targets a presumed Coinbase-internal namespace and is published by an unaffiliated party. Both postinstall.js npm insta...