Malicious code in koishi-plugin-yuan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca3069b86d0de573768e010f6ee414d10454b7aa241d17bfa056ca2d7665e533 koishi-plugin-yuan exposes an HTTP endpoint /api/bind-cookie that accepts Bilibili user cookies including SESSDATA and bilijct and forwards them via...

MAL-2026-4596 Malicious code in koishi-plugin-yuan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca3069b86d0de573768e010f6ee414d10454b7aa241d17bfa056ca2d7665e533 koishi-plugin-yuan exposes an HTTP endpoint /api/bind-cookie that accepts Bilibili user cookies including SESSDATA and bilijct and forwards them via...

Malicious code in koishi-plugin-fusheng-count (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 060196a35f8eb94f7e91f892daf62aee8e293d16130565dfbc837877df264db5 lib/index.js contains a base64-obfuscated hardcoded user ID Buffer.from"Mjc1OTcyMDE2MQ==", "base64".toString"utf-8" decoding to QQ ID 2759720161 whic...

MAL-2026-4595 Malicious code in koishi-plugin-fusheng-count (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 060196a35f8eb94f7e91f892daf62aee8e293d16130565dfbc837877df264db5 lib/index.js contains a base64-obfuscated hardcoded user ID Buffer.from"Mjc1OTcyMDE2MQ==", "base64".toString"utf-8" decoding to QQ ID 2759720161 whic...

Malicious code in koishi-plugin-fusheng-car (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35bbb2f7cdae32f1a5012363b81298fd339c96b83718db535d77c0bdc0f936ec lib/index.js contains a hardcoded base64-encoded QQ user ID 'Mjc1OTcyMDE2MQ==' decoding to '2759720161' checked inside the plugin's permission gate...

MAL-2026-4594 Malicious code in koishi-plugin-fusheng-car (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35bbb2f7cdae32f1a5012363b81298fd339c96b83718db535d77c0bdc0f936ec lib/index.js contains a hardcoded base64-encoded QQ user ID 'Mjc1OTcyMDE2MQ==' decoding to '2759720161' checked inside the plugin's permission gate...

Malicious code in koishi-plugin-pinhaofa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30ba527f97890bef38b3c287ded03788926167b31ef67011f5bb2eed00c04b8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in koishi-plugin-majjan-nanikiri (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6887f78c1033e92ccb5aab19fb7c9403c34d9136624def09f8944b43603dfdeb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4366 Malicious code in koishi-plugin-majjan-nanikiri (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6887f78c1033e92ccb5aab19fb7c9403c34d9136624def09f8944b43603dfdeb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4367 Malicious code in koishi-plugin-pinhaofa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30ba527f97890bef38b3c287ded03788926167b31ef67011f5bb2eed00c04b8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...