Malicious code in api-rs-node (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4348 Malicious code in api-rs-node (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4350 Malicious code in clobprice.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Malicious code in clob.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
MAL-2026-4349 Malicious code in clob.api (npm)
A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...
Brave Desktop 1.90.121 Security Fixes
Changed IPFS gateway usage from "ipfs.io" to "inbrowser.link" for IPFS domain resolution. - Fixed broken address bar layout for narrow window widths. - Updated body-sniffing to respect "Content-Disposition: attachment" in de-AMP as reported on HackerOne by newfunction. Upgraded Chromium to...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: hey, rancher-system-upgrade-controller, stakater-reloader, git-sync, azure-workload-identity-webhook, hugo, litefs, kubernetes-csi-external-resizer, slsa-verifier, kustomize, kbld, otel-cli, pgpool2exporter, docker-credential-gcr, wuzz, newrelic-infra-operator, kor,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: hey, rancher-system-upgrade-controller, stakater-reloader, git-sync, azure-workload-identity-webhook, hugo, litefs, kubernetes-csi-external-resizer, slsa-verifier, kustomize, kbld, otel-cli, pgpool2exporter, docker-credential-gcr, wuzz, newrelic-infra-operator, kor,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: hey, rancher-system-upgrade-controller, stakater-reloader, git-sync, azure-workload-identity-webhook, hugo, litefs, kubernetes-csi-external-resizer, slsa-verifier, kustomize, kbld, otel-cli, pgpool2exporter, docker-credential-gcr, wuzz, newrelic-infra-operator, kor,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: azuredisk-csi, kuma, pulumi-language-yaml, spegel-fips, commercial-chainloop-cli, policy-controller, spegel, dex, argo-workflows-fips, slsa-verifier, flux, buildkite-agent-fips, cosign, tofu-controller-fips, image-factory-fips, kargo, argo-cd-fips, tofu-controller,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: azuredisk-csi, kuma, pulumi-language-yaml, spegel-fips, commercial-chainloop-cli, policy-controller, spegel, dex, argo-workflows-fips, slsa-verifier, flux, buildkite-agent-fips, cosign, tofu-controller-fips, image-factory-fips, kargo, argo-cd-fips, tofu-controller,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: aws-efs-csi-driver, azuredisk-csi, crossplane-provider-aws-acm, kuma, mariadb-operator-fips, prometheus-postgres-exporter, cert-exporter, k8s-driver-manager, eks-node-monitoring-agent-fips, aws-eks-pod-identity-agent, kubernetes-csi-external-snapshotter,...
GHSA-5W89-2C2X-6X66 vulnerabilities
Vulnerabilities for packages: mariadb-operator-fips, kube-rbac-proxy-fips, spegel-fips, cluster-proportional-autoscaler-fips, tetragon-fips, policy-controller, spegel, postgres-operator, crossplane-provider-aws-ecr, buildkite-agent-fips, argo-rollouts, cosign, kapp, hugo-extended,...
GHSA-378J-3JFJ-8R9F vulnerabilities
Vulnerabilities for packages: k3s, spegel, ipfs-cluster...
CVE-2026-35480 vulnerabilities
Vulnerabilities for packages: k3s, spegel, ipfs-cluster...
blake-streams (=0.1.0), fuel-p2p (>=0.4.0 <=0.5.0) +9 more potentially affected by CVE-2026-34219 via libp2p-gossipsub (>=0.28.0 <=0.35.0)
libp2p-gossipsub CARGO version =0.28.0, =0.4.0, =0.20.0, =0.36.0, =0.16.0, =0.1.0, =0.1.1, =0.2.0, =0.39.1, =0.39.3 Source cves: CVE-2026-34219 Source advisory: OSV:GHSA-XQMP-FXGV-XVQ5...
Malicious Package
Overview @pumpfun-ipfs/sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @solana-ipfs/sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @solana-ipfs/sdk (npm)
Source: amazon-inspector 767b9130ad69548a70a52f86dfe12ae295731bb407cba85504eb9e02c56d64a3 The package @solana-ipfs/sdk was found to contain malicious code. Source: ghsa-malware 980d6b7d6391f5f58861078fac68f9222d3365190f1482debece7ae55b0170...
MAL-2026-2216 Malicious code in @pumpfun-ipfs/sdk (npm)
Source: amazon-inspector 21604418f7961773b23e7b3544ca95874cba1432a87ae6d4127531e651133f78 The package @pumpfun-ipfs/sdk was found to contain malicious code. Source: ghsa-malware...