Malicious code in bytefrontier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d678267bdb56055d10c84922de235b32990b683287a2d918f4664856e0b26ac8 The package bytefrontier was found to contain malicious code. Source: ghsa-malware 61a6f4a4eeaf1e191d0ddc26158901f74e1a4387951453d9cc21567ce3412e70 A...

MAL-2026-2660 Malicious code in use-feature-flags-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b176246976f266320b17cb9aa3a4fdddb6970d6f115637cb5cb2224c2db75c7e The package use-feature-flags-plugin was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview partner-tracker is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-2643 Malicious code in ms-affiliate-links (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 341048b16926b4d40796ca96aef3816934a2b84602c26451638154b6d90ab5d8 The package ms-affiliate-links was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2650 Malicious code in one-sdui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ae9d1e61120df70064f163b6e30ced15f3ec724fb27cbc92b9ac1b8d1cd4c02 The package one-sdui was found to contain malicious code. Source: ghsa-malware 3e8ccc46dbdf8114e190c849d6db29184468de377c64467c88e3e33398d54018 Any...

MAL-2026-2640 Malicious code in bytefrontier-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9d258ef52db5cbfc634713540fa5f4f797e50b65fa49d3271b9cd3cf34b20dc The package bytefrontier-core was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2651 Malicious code in one-translations (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8509aaa4a1769ce406c0bf7883ec6930bbd4aedbbeeb82df3ae719ab279ff238 The package one-translations was found to contain malicious code. Source: ghsa-malware 6d3a1486ad2ba464c9c1c678dfbab6c735eccaf31f2a1d3cba6e3f28a3fad5...

Malicious code in tailwind-lines-clamp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d3d215fb943fe734ea49a73d1d0f503c465c829b5f5b5327ca3d83eaa0e377a The package tailwind-lines-clamp was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2655 Malicious code in tailwind-lines-clamp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d3d215fb943fe734ea49a73d1d0f503c465c829b5f5b5327ca3d83eaa0e377a The package tailwind-lines-clamp was found to contain malicious code. Source: ghsa-malware...

Malicious code in percy-cake-docker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf9ba1c1f0935698da1dc2d1856efe1994c5b21139eec04f6eca712e85925f2 The package percy-cake-docker was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2634 Malicious code in percy-cake-docker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf9ba1c1f0935698da1dc2d1856efe1994c5b21139eec04f6eca712e85925f2 The package percy-cake-docker was found to contain malicious code. Source: ghsa-malware...

Malicious code in centralogger (npm)

dom-utils-lite and centralogger, with identical payloads. On npm install, a postinstall hook fetches the attacker’s SSH public key from a Supabase storage bucket, appends it to /.ssh/authorizedkeys, harvests the victim’s IP, username, and hostname, then uploads that metadata to the same Supabase...

MAL-2026-2826 Malicious code in dom-utils-lite (npm)

dom-utils-lite and centralogger, with identical payloads. On npm install, a postinstall hook fetches the attacker’s SSH public key from a Supabase storage bucket, appends it to /.ssh/authorizedkeys, harvests the victim’s IP, username, and hostname, then uploads that metadata to the same Supabase...

MAL-2026-2628 Malicious code in svchost (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a56926028e7e253a1ffb3ba27d6514a5cbc6b23964d7e1094846a895dd322656 Code exfiltrates sensitive crypto wallet's files and sets up a keylogger trying to catch the password to the wallet --- Category: MALICIOUS - The campaign has...

MAL-2026-2632 Malicious code in magentaa11y (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 995b52a2411e3213a611e58f659a941136e8021a88e1d638a232018265d5c11a The package magentaa11y was found to contain malicious code. Source: ghsa-malware 1c1c14e542b99ac8e01a06fd61158c90ffe14fbedbf4834d97f38d65d477ebb5 An...

Malicious code in walmart-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4cb99836d95f651dcdf50a02819e299598fbb9e62a702601ce6fa89c3ed6ec0 The package walmart-internal was found to contain malicious code. Source: ghsa-malware 88f5dbf5cfe998f7ad3015cadd6b280accbeb5aadf15cdc7575f4f83a6f572...

Malicious code in @spoonflower/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e29845a092ba3a019d35adbb88e7fb15512c600cb11fceab06cb845fca75dbd2 The package @spoonflower/ui was found to contain malicious code. Source: ghsa-malware 68f97ac64dba33bf11aa1a9ae810a78f7fb21470e2ccce80e8975cc56d012a7...

Malicious code in @mx-shared/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80722921f3ba7863b8f28031aa4edf777ce8e270fab10bcead75016a286cb125 The package @mx-shared/utils was found to contain malicious code. Source: ghsa-malware 30ead10eaa18cee42152061c23ee9a84c465e687911f78dd1ae0c613f1c2b1...

Malicious code in @zgny/onboarding-consumer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 684a60d5d9d4b9ac47a7796608812b7cb223c1567b4ff70aa057e57b6101f590 The package @zgny/onboarding-consumer was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2581 Malicious code in @dtc-campaign-wizard/campaign-wizard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99f551e16bdd57ec65154ddd0b1ebe5a701abe98d86f25490fb3c36b19e9fa41 The package @dtc-campaign-wizard/campaign-wizard was found to contain malicious code. Source: ghsa-malware...