311873 matches found
MAL-2026-2411 Malicious code in @wame/ngx-adfs (npm)
Malicious package due to hex obfuscation, dynamic module loading, process access, suspicious install script, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee67ae68f066d11c3e0625e260c588df3d43384ae91fe74292977ea5304684d9 The package...
Malicious code in @the-coca-cola-company/ngps-global-common-utils (npm)
Malicious post-install script combined with low project popularity indicates potential malware. Arbitrary code execution is a major concern. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ebe31c5bb51c354ed83627a02c11ca4c8541e042623b1b987255941ffafdaff The...
Malicious code in @phonos/types (npm)
Multiple evidences indicate malicious behavior: obfuscation, suspicious install script, access to sensitive functionalities, and untrustworthy source. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8c10ea271203f85e595559214b08565cef54710fcc605eca02483606041cf5...
MAL-2026-2409 Malicious code in @phonos/types (npm)
Multiple evidences indicate malicious behavior: obfuscation, suspicious install script, access to sensitive functionalities, and untrustworthy source. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8c10ea271203f85e595559214b08565cef54710fcc605eca02483606041cf5...
Malicious code in oc-ccp-module-client (npm)
Malware due to hex obfuscation, suspicious install script, dynamic module loading, OS command access, process object access, and untrustworthy project. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2b4b9cee1369c441aa8d759bc04085a8e2b14786df20656a8c6bc249e6260...
MAL-2026-2223 Malicious code in cr-static-shared-components (npm)
Malicious package due to code obfuscation, dynamic module loading, suspicious email, and arbitrary code execution during installation. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fcc8531926534d3d87af7c173bfaba5f563bdbbc6ae8293de0150a0f00ba205 The package...
Malicious code in @cloudsop/hmoment (npm)
Malicious package due to suspicious install script attempting to require the current directory and low project popularity. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad95ef51ef99f49ca08b99a81d6a18ecb75dafb1dad2afc2bca687f221ef95dc The package...
Malicious code in @ceeferenderer/fe-renderer-sdk (npm)
Multiple evidences suggest malicious intent: code obfuscation, dynamic code execution, process access, install script, and suspicious email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feee20bafab758bb648bbe425a100a13e6d21799552a2b5566fe6029faef6ce4 Package...
MAL-2026-2406 Malicious code in @ceeferenderer/fe-renderer-sdk (npm)
Multiple evidences suggest malicious intent: code obfuscation, dynamic code execution, process access, install script, and suspicious email. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector feee20bafab758bb648bbe425a100a13e6d21799552a2b5566fe6029faef6ce4 Package...
Malicious code in cclr-component-resources (npm)
Multiple evidences suggest this package is a malware: code obfuscation, dynamic code execution, suspicious domain, and unusual install script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61af3265fce06cfbb9bbf20e38d468e136487f69c41f70b0bbb1b331535bdf82 The...
MAL-2026-2413 Malicious code in cclr-component-resources (npm)
Multiple evidences suggest this package is a malware: code obfuscation, dynamic code execution, suspicious domain, and unusual install script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61af3265fce06cfbb9bbf20e38d468e136487f69c41f70b0bbb1b331535bdf82 The...
Malicious code in mgrcfg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eeb9b6975940ff31a6a0f6361fd93d8d361a3687103c94c011a6fdf510a2fdec The code exfiltrates content copied to clipboard content to a hardcoded location. The code is obfuscated and has a persistence mechanism. --- Category: MALICIO...
Malicious code in rowrapee (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 398cfbdac2d3602a5c9836408942993c3f2bbcda911184825f01cf9937fb035e The package hides code to download and start malicious script containing malware, identified as adware. The triggering method seems to be PTH file, although it...
MAL-2026-2121 Malicious code in roboat (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f04db4869c9e981873683b537f335c1f25c7c17c283315859699855a9c20816b During installation, the code attempts to download and start malware. Connected with the campaign based on the time correlation and other packages published by...
Malicious Package
Overview react-performance-suite is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-2118 Malicious code in hash-utils-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4177b7c46ecbfa35116b35a2a491107d0514cd6551a447b7213ef6e097172939 During importing the module, the code attempts to exfiltrate sensitive Telegram's client session files. --- Category: MALICIOUS - The campaign has clearly...
MAL-2026-2112 Malicious code in apply-hive-table (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 cd10a24231fb7b6830827a26ee11d450938fce94e811f0c233c6a63a8e3c98d9 In specific environments, during installation, the package attempts to exfiltrate some basic information using DNS requests and then cover tracks by installing...
Malicious code in react-tailwindcss-style (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5602af4bd6e54460627a64eb9632c4f1ec0e8604d523b76c272346a2f599cb99 The package react-tailwindcss-style was found to contain malicious code. Source: ghsa-malware...
Malicious code in tailwind-font-inter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2cb39a969b06dada95f847c6d5fc21fd0cb38a37c6b38a6b60ef1ca439f2147 The package tailwind-font-inter was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2111 Malicious code in tailwind-font-inter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2cb39a969b06dada95f847c6d5fc21fd0cb38a37c6b38a6b60ef1ca439f2147 The package tailwind-font-inter was found to contain malicious code. Source: ghsa-malware...