Malicious code in @43uh3ig43/telemetry-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37d4a096b834c0d9acdddefee09b0c6cb4d8c6f68513b2ebb4ec88424f491e89 On npm install, the package's preinstall, install, and postinstall lifecycle hooks all invoke telemetry.js, which collects host metadata OS,...

MAL-2026-2951 Malicious code in hifromhere1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82931dc7313b2b9b93b8664655cbe445702e0fdcf1cc7e587b27758d2ef9cda1 The package hifromhere1 was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2560 Malicious code in @b2b-portal/uch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89eb419e1f7beb102007973e2d226cb2cb5f534096cbc2be8dc538324f3f19db The package @b2b-portal/uch was found to contain malicious code. Source: ghsa-malware e559f0d2d934ad98bda8c11ca6613644ecf3f2584bee7e75c7edf59ecda35d3...

Rapid7 Detection Coverage for Iran-Linked Cyber Activity

The tension arising out of the conflict in Iran is beginning to show signs of expanding beyond a strictly regional crisis. Following our recent published advisories, this communication is intended to outline and summarize the detection and enrichment coverage available to Rapid7 customers, broadl...

MAL-2026-39 Malicious code in spire.officejs-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d5bc6046960bccab3120bb794cc2c868fa2bb41e0d35028f39e2e9ca9033a80 The package spire.officejs-common was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in ajna-rewards-snapshot (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5ea81a48c03116271d6cc0fb54220dcc73b51b0ad8f01543f45365ec51c1de3 Any computer that has this package installed or running should be considered...

MAL-2025-48688 Malicious code in helm-charts-monorepo (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 927894d07d39eb62e7540bb7cb82999c513d6e9478109895a33f8d8027bae41d Any computer that has this package installed or running should be considered...

MAL-2025-48693 Malicious code in internal-links-autocomplete-id (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in shutterstock-cli (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 293a07df288218d171e1132e93d24e0f6e75160174cf78ef8589073b1e7eb72a Any computer that has this package installed or running should be considered...

MAL-2025-48395 Malicious code in solhint-plugin-namechain (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac5d2de76e0cbceedfea435f9f5d9ef240571f3e422835020e1efa99f9dba392 Any computer that has this package installed or running should be considered...

Malicious code in hoodle-plugins-manager (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in ven0m90test (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-47860 Malicious code in postscribed (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-47412 Malicious code in suchinind (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a328ee17c3878f22beddf954e26fea98cfcedc0377a9aae3f9382b01cb55acf Any computer that has this package installed or running should be considered...

Malicious code in top-crawl-agents (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9696763f6821540dd1025eb17efe91e97175725aa5add6b347bfc09db48e33cc Any computer that has this package installed or running should be considered...

Malicious code in simplemoduleonetestone (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

Malicious code in cwl_shared (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-41357 Malicious code in @navify-platform/http (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-6969 Malicious code in vsts-powershell-task (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in @toptal/picasso-accordion (npm)

The package communicates with a domain associated with malicious activity...