311862 matches found
MAL-2026-3832 Malicious code in zentra-finance (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b833dfa46f91b8537af5e04715675ef60a49270099067e825bdfcef719f564d The package zentra-finance was found to contain malicious code. Source: ghsa-malware 228654b7f668112317f2dd72a3aaf2d32bdaf470caa1d55d060f31c737ac2dd1...
Malicious code in zentra-finance (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b833dfa46f91b8537af5e04715675ef60a49270099067e825bdfcef719f564d The package zentra-finance was found to contain malicious code. Source: ghsa-malware 228654b7f668112317f2dd72a3aaf2d32bdaf470caa1d55d060f31c737ac2dd1...
Malicious code in zentra-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0e01d6a4a54894203355e9b44bb2489f91006985ffc2ea5d5650b172653cd76c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3836 Malicious code in ctf-flare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23293f1bc28e465f7ffaf916fd8a6cc3958b873a2b338b81c0bf71bb146d1d36 package.json declares a postinstall script that runs node src/install.js after building a local binary. src/install.js is a 175 KB single-line payloa...
MAL-2026-3825 Malicious code in safe-env-reader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad60c5cf4596544e0850900c3340d21c5fec76024a063c057b8b935b02366d4d The package safe-env-reader was found to contain malicious code. Source: ghsa-malware 8fc3e1ef0bee11b2c0e5cb99d3c821492232db6c715fd90cde09c74aa86b926...
Malicious code in safe-env-reader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad60c5cf4596544e0850900c3340d21c5fec76024a063c057b8b935b02366d4d The package safe-env-reader was found to contain malicious code. Source: ghsa-malware 8fc3e1ef0bee11b2c0e5cb99d3c821492232db6c715fd90cde09c74aa86b926...
Malicious code in parse-regex-string (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d7619f0cfdbd6c6bd09c366186aa4b333ed935b4bc33580097d598b3fc8bd5b The package parse-regex-string was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview secure-env-loader is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-3827 Malicious code in string-manipulation-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bed3d44d42fd732fc0b3ec3b59c8c75fea479f97b78de4982c5b75bafd9af25 The package string-manipulation-typescript was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview parse-regex-string is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in validate-api-key (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73c2249a9b57bfab0277840b52fc1774c096dd7c3022b9bd0d0ae5cfeda0b14c The package validate-api-key was found to contain malicious code. Source: ghsa-malware db221657101473a5da0e59194e2ba30d99b576faae8b3e7ff21c5d68b83ff1...
Malicious code in secure-env-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb7787215b2967bfcddab47d96770b6d2ec2e1328ea2ef789e003aa53de4960 The package secure-env-loader was found to contain malicious code. Source: ghsa-malware...
Malicious code in string-manipulation-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bed3d44d42fd732fc0b3ec3b59c8c75fea479f97b78de4982c5b75bafd9af25 The package string-manipulation-typescript was found to contain malicious code. Source: ghsa-malware...
Malicious code in parse-escape-regex-string (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41f2d6da130b64c53517f7be20b6f43e0fde62b07a805a2689d1baa4f8c30c1c The package parse-escape-regex-string was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview validate-api-key is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-3828 Malicious code in validate-api-key (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73c2249a9b57bfab0277840b52fc1774c096dd7c3022b9bd0d0ae5cfeda0b14c The package validate-api-key was found to contain malicious code. Source: ghsa-malware db221657101473a5da0e59194e2ba30d99b576faae8b3e7ff21c5d68b83ff1...
MAL-2026-3824 Malicious code in parse-regex-string (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d7619f0cfdbd6c6bd09c366186aa4b333ed935b4bc33580097d598b3fc8bd5b The package parse-regex-string was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3826 Malicious code in secure-env-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb7787215b2967bfcddab47d96770b6d2ec2e1328ea2ef789e003aa53de4960 The package secure-env-loader was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3823 Malicious code in parse-escape-regex-string (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41f2d6da130b64c53517f7be20b6f43e0fde62b07a805a2689d1baa4f8c30c1c The package parse-escape-regex-string was found to contain malicious code. Source: ghsa-malware...
Malicious code in claude-code-base-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3000eab5b77e9247ae3dc1125384eaeb03ecdae7ecd17fe30ee6216a6a87c686 The package claude-code-base-action was found to contain malicious code. Source: ossf-package-analysis...