Malicious Package

Overview private-internal-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in private-internal-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 368f6bede2407a1000e1a32b729d86d4e32e054965cde08ce07b732266c11186 The package private-internal-sdk was found to contain malicious code. Source: ghsa-malware...

MAL-2026-396 Malicious code in private-internal-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 368f6bede2407a1000e1a32b729d86d4e32e054965cde08ce07b732266c11186 The package private-internal-sdk was found to contain malicious code. Source: ghsa-malware...

EUVD-2026-3756

Malicious code in private-internal-sdk npm...

Malicious code in @vietnetco-distribution/internal-sdk (npm)

--- -= Per source details. Do not edit below this line.=-...

@activepieces/piece-amazon-s3 (=0.0.2), @adobe/helix-admin-support (>=2.1.22 <=2.1.23) +471 more potentially affected by unknown CVE via fast-xml-parser (=4.2.4)

fast-xml-parser NPM version =4.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on fast-xml-parser and may be impacted: - @activepieces/piece-amazon-s3 =0.0.2 - @adobe/helix-admin-support =2.1.22, =9.0.39, =2.1.1, =2.1.15, =1.11.158, =1.0.4-0, =1.2.39-...

Malicious Package

Overview dropbox-internal-sdk is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...