311862 matches found
MAL-2026-3618 Malicious code in mimecast-web-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 31248312aa36cca999d7f40ba478d484be495b350e0858850baf3a9a6bf15630 The OpenSSF Package Analysis project identified 'mimecast-web-components' @ 2.0.0 npm as malicious. It is considered malicious because: - The...
CVE-2026-33862
A vulnerability has been identified in Teamcenter V2312 All versions V2312.0014, Teamcenter V2406 All versions V2406.0012, Teamcenter V2412 All versions V2412.0009, Teamcenter V2506 All versions V2506.0005, Teamcenter V2512 All versions. The affected application does not properly encode or filter...
Malicious code in 88q (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb830829cae1605ff7626653a2470db03cd5a5aab98b3f0a7f5912eaf244561b The main entrypoint index.js runs an IIFE at require time that monkey-patches the global console.warn and console.error methods. After the override,...
Malicious code in 0xegg2024 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86f32380998652e4d6d7b70da165cff6d669a4c6a6d9297da2a137071abf6317 Tea.yaml token farming campaign...
MAL-2026-3668 Malicious code in 0xegg2024 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86f32380998652e4d6d7b70da165cff6d669a4c6a6d9297da2a137071abf6317 Tea.yaml token farming campaign...
Malicious code in 8q (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a10addd46910ba157e59c0c301c15ea56de73adb23c4d3422520b67876cdc0e The package's declared main entry router.js is an IIFE that runs the moment an installer's code executes require'8q' or import '8q'. On load it...
Malicious code in projz-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 196ea7ee7277857a29c8478e6908961bde9f28aa136c3e6ae68412ba4b67bff0 The package routes authentication-related calls through a hardcoded third-party HTTP endpoint and then unpickles the server's raw response, which is ...
Malicious code in 100jsss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 207a07d918d9b3ddfdf0f845ec22f6bab19629fa77968d3b41409d0b62bad441 The main entry g.js constructs an image beacon whose src is a base64-decoded attacker URL https://w.g32.com/g?k= concatenated with...
MAL-2026-3669 Malicious code in 100jsss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 207a07d918d9b3ddfdf0f845ec22f6bab19629fa77968d3b41409d0b62bad441 The main entry g.js constructs an image beacon whose src is a base64-decoded attacker URL https://w.g32.com/g?k= concatenated with...
Malicious code in 1mi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a68ec5fa97918431510ba9ef57d3d601738891094478b5ebf996a3eafa0cb960 This package masquerades as a Cloudflare Worker Telegraf middleware README: 'cfworker-middware-telegraf' but its main module unconditionally forwards...
MAL-2026-3679 Malicious code in @2oolkit/hyperliquid-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c3af30011dcf54950f270463028270d732fce20b5cd5da44342a0748922e6df The package is advertised as a neutral CLI/MCP wrapper for Hyperliquid, but its distributed code silently routes value from the installer to an...
MAL-2026-3671 Malicious code in 1co (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e09cc40cc6a0084f383fd0a359be04fa0d0e5aed50e9f4b78d8714868fc35ca4 The package's main entry index.js exports a console replacement whose.info method silently POSTs caller-provided arguments to a hardcoded Telegram...
MAL-2026-3677 Malicious code in 8oo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c949ba1ac1cd3a6c96d3f1fc8c32cdc64cb9474fa07dd6633ebf4f69073a495 The package's main entry index.js executes an IIFE at require time that loads 66o.js, which replaces the global console with a Proxy. Every intercept...
Malicious code in 11j (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ad371791d84a3c28ca12b62bae45a07567847b7df025c93611f8f504a1c869 the analysis identified unambiguous malicious behavior in log.js the package main: an IIFE executes on require/import that monkey-patches...
Malicious code in @draftauth/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
Malicious code in @ml-toolkit-ts/xgboost (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
Malicious code in @ml-toolkit-ts/preprocessing (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
Malicious code in @tallyui/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
Malicious code in @dirigible-ai/sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
Malicious code in @draftauth/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...