5 matches found
Malicious code in @dsft/ft-element (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a7ba80413e901c3cf618c92bd61dc6942bf167fac46b0dc7c554a4a06f705c1 On npm install, the package's preinstall hook preinstall: node index.js in package.json executes index.js, which reads process.env.INITCWD, derives t...
MAL-2026-5418 Malicious code in @nstrlabs/api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de7b47a7f81209dbbaff286599b46f4f030ff992b6d0c25d947cc84739b838d9 @nstrlabs/[email protected] is a hollow package whose only behavior is an install-time exfiltration beacon. package.json declares "preinstall": "node...
Malicious code in audit-logsss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f1d266fef23fc79d6af52affefa68c2220baad023d09a7acc4d439a23dfdb69 The package's postinstall script executes shell reconnaissance id || ver && whoami && hostname, fetches the installer's public IP from api.ipify.org,...
MAL-2026-4506 Malicious code in cb-wallet-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d076ee3d487c7c10f785494c4391e39eb327b696224d5653746144fa5ac8d37 Package name 'cb-wallet-data' targets a presumed Coinbase-internal namespace and is published by an unaffiliated party. Both postinstall.js npm insta...
Malicious code in cb-wallet-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d076ee3d487c7c10f785494c4391e39eb327b696224d5653746144fa5ac8d37 Package name 'cb-wallet-data' targets a presumed Coinbase-internal namespace and is published by an unaffiliated party. Both postinstall.js npm insta...