311862 matches found
Malicious Package
Overview gcp-internal-research-poc is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in frank-newton3-final-audit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7475946d315dcfc995a7c806043777be1e5a57b72c7c1313fc36944f37a52db1 The package frank-newton3-final-audit was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3168 Malicious code in apple-internal-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16ae120f182e305f15d778dfe594aa3f79076b93b5bd4be77f293fdf08c5e12a The package apple-internal-config was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3173 Malicious code in gcp-internal-research-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9241eea1246719d57b428f64fd5138ae386fcf285aadd32a0a2ece3a8926b588 The package gcp-internal-research-poc was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3174 Malicious code in internal-sys-audit-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24fa7464d076e1807141a149346864e59a44c3b8e2731c02e05c9d93d0dcf487 The package internal-sys-audit-check was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3170 Malicious code in frank-newton3-db-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c57962acb9140cd99fb10338da13df89a6af2a7da30694456df2bc151acd247 The package frank-newton3-db-poc was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3169 Malicious code in frank-newton3-db-final (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a69c1c519dbe289ed217a75f1a31ace9b850acdb7df6cdadd95ca68f879f1d The package frank-newton3-db-final was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3172 Malicious code in frank-newton3-user-hunt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3d2188a1bfb704f499669b386b4268ab26fb46de37022d5b91df575521fcf81 The package frank-newton3-user-hunt was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3166 Malicious code in apple-infra-escape-audit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4ca3e5d6066fa58a9fe52cc968a31569064af5959443ab3b8088f088c72b851 The package apple-infra-escape-audit was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3167 Malicious code in apple-infra-stealth-audit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62019b469ab2852a4c8a4453043d5452768c2ac046ad1dc258366eac98de24ac The package apple-infra-stealth-audit was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3171 Malicious code in frank-newton3-final-audit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7475946d315dcfc995a7c806043777be1e5a57b72c7c1313fc36944f37a52db1 The package frank-newton3-final-audit was found to contain malicious code. Source: ghsa-malware...
Malicious code in chai-as-redeployed (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e2a156e4adadf2466c1ce0f0501539ea4bb3306edd9b2c97109326a9f94f3a The package chai-as-redeployed was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3165 Malicious code in chai-as-redeployed (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e2a156e4adadf2466c1ce0f0501539ea4bb3306edd9b2c97109326a9f94f3a The package chai-as-redeployed was found to contain malicious code. Source: ghsa-malware...
Malicious code in @cap-js/db-service (npm)
Supply chain compromise of legitimate SAP packages published by threat actor "[email protected]" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs 4.4 KB and execution.js 11.1 MB bundled in the tarball, with a preinstall hook of "node...
MAL-2026-3148 Malicious code in amazon-boto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 649bb559f3078565515a9fee16dbe78e0d1b5575943cbaf020135f8e70e2f17d When using the package, the given AWS credentials are silently exfiltrated to a hardcoded location. This incarnation of the long-running campaign was first...
MAL-2026-3147 Malicious code in coinmate-typescript-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbfed1f09c009e285a20b7f2914257795846bf558a735467cb742ab4bc53165b The package coinmate-typescript-client was found to contain malicious code. Source: ossf-package-analysis...
Malicious Package
Overview @validate-sdk/v2 is a malicious package. This package contains malicious code, and its content was not yet removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in robase-apis (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 953430b69a70b8a69dd00f87a8cf96f9b60eaf4dfdd70fd129ba5d2502612555 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3138 Malicious code in robase-apis (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 953430b69a70b8a69dd00f87a8cf96f9b60eaf4dfdd70fd129ba5d2502612555 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in sf-th-requests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3a4508be29963ffe0a2d8b245449cf80873bdd6037c226e94ff99d9937566c7d During import package exfiltrates the environment variables and cloud credentials/tokens to a hardcoded location. --- Category: MALICIOUS - The campaign has...