311869 matches found
Malicious code in sbx-mask (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199f83840bd0dfd9d9e7295134e439e8adec273f9be8477d0ff68b6ec8c491d1 The package sbx-mask was found to contain malicious code. Source: ghsa-malware d04d541813f3f1e2bd2d1c509c5ea3463d64caf433617ab3398e118171f2cc65 Any...
MAL-2026-2132 Malicious code in sbx-mask (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199f83840bd0dfd9d9e7295134e439e8adec273f9be8477d0ff68b6ec8c491d1 The package sbx-mask was found to contain malicious code. Source: ghsa-malware d04d541813f3f1e2bd2d1c509c5ea3463d64caf433617ab3398e118171f2cc65 Any...
Malicious code in yelp-react-component-rating (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 027bbca928c4c1696f388fbb2ac0ac3a7c74a29db1a6bb76b5c7431759c27421 The package yelp-react-component-rating was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview characterai-poc is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in agoda-dep-confusion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faa0bc71a76133f8ba2469aab72a42ed605c22eaf6a3816754f5dff2cb21fa87 The package agoda-dep-confusion was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2127 Malicious code in agoda-test-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61298c02c98b568b7b2735848ed2087ced94165a58e6602af9769d359b279056 The package agoda-test-poc was found to contain malicious code. Source: ghsa-malware f1dc100458bb8a2a4c1831d2a680b7895085adc4bb5fa5c90701f52b1165eb8d...
Malicious code in yelp-react-component-photo-upload (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32e7f0c90df117fd4748129db7ebb37ee6519a0f8ace68bbd197b8f6658da7ee The package yelp-react-component-photo-upload was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2135 Malicious code in yelp-react-component-photo-upload (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32e7f0c90df117fd4748129db7ebb37ee6519a0f8ace68bbd197b8f6658da7ee The package yelp-react-component-photo-upload was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2134 Malicious code in yelp-biz-action-constants-js-generated (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 063bb3466bef20db9d0f0c8436b384fe8b498ccceef3993ab43e0482b43efc40 The package yelp-biz-action-constants-js-generated was found to contain malicious code. Source: ghsa-malware...
Malicious code in nemo-fpti (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d59bda0a25d9b656075c91322ff0c7a8463b743465176a358265f7fb35710b98 The package nemo-fpti was found to contain malicious code. Source: ghsa-malware 7e5357f25ae0271690f061e93dc85be49cf6ebe3ccd0d09110524b0fcbb30ee3 Any...
Malicious code in server-fpti (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90fb70466093bba29ed5b8f62a9734b95ff7011add06482beec9546984f11c3 The package server-fpti was found to contain malicious code. Source: ghsa-malware 59d0d75db844e966a9f5cc0e311ca6f2385abdf95ca0ee2387c23be8342f0fb2 An...
MAL-2026-2133 Malicious code in server-fpti (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90fb70466093bba29ed5b8f62a9734b95ff7011add06482beec9546984f11c3 The package server-fpti was found to contain malicious code. Source: ghsa-malware 59d0d75db844e966a9f5cc0e311ca6f2385abdf95ca0ee2387c23be8342f0fb2 An...
MAL-2026-2144 Malicious code in litellm (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 6a89401cbf53902e8374fbf3b424a77bb5e5f8c437176232eab7c3237d10ecbe LiteLLM was compromised through trivy security scan in a GitHub workflow. Attackers uploaded malicious versions of LiteLLM to PyPI. The...
Malicious code in customerdigital-ui-components-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70a8c957edf16da956a7859c7a0e1d8accbe84824b88f1f19f70a01acd07b729 The package customerdigital-ui-components-lib was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2125 Malicious code in customerdigital-ui-components-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70a8c957edf16da956a7859c7a0e1d8accbe84824b88f1f19f70a01acd07b729 The package customerdigital-ui-components-lib was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2412 Malicious code in @wame/ngx-frf-utilities (npm)
Malicious package due to JS obfuscation, dynamic code execution, OS/DNS access, suspicious install script, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfa63e93a0b5a6ead3de9d3680bb75a023c43b59c6db80e0072b6a239cb7d5da The package...
MAL-2026-2411 Malicious code in @wame/ngx-adfs (npm)
Malicious package due to hex obfuscation, dynamic module loading, process access, suspicious install script, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee67ae68f066d11c3e0625e260c588df3d43384ae91fe74292977ea5304684d9 The package...
Malicious code in @the-coca-cola-company/ngps-global-common-utils (npm)
Malicious post-install script combined with low project popularity indicates potential malware. Arbitrary code execution is a major concern. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ebe31c5bb51c354ed83627a02c11ca4c8541e042623b1b987255941ffafdaff The...
Malicious code in @phonos/types (npm)
Multiple evidences indicate malicious behavior: obfuscation, suspicious install script, access to sensitive functionalities, and untrustworthy source. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8c10ea271203f85e595559214b08565cef54710fcc605eca02483606041cf5...
MAL-2026-2409 Malicious code in @phonos/types (npm)
Multiple evidences indicate malicious behavior: obfuscation, suspicious install script, access to sensitive functionalities, and untrustworthy source. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8c10ea271203f85e595559214b08565cef54710fcc605eca02483606041cf5...