311901 matches found
MAL-2026-1455 Malicious code in native_dep (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf8cbbcc5fef314cdaa3a8b8c2d15e298a0c5f1c444084cc36a8dc36a95b7da1 The package nativedep was found to contain malicious code. Source: ghsa-malware 96b85414b77cb51face1caae1f5ab5ab4ba386fb95ba1c8594ac3ce47a6cb19d Any...
MAL-2026-1421 Malicious code in devlino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ab9a10cdd7f1009bc1531da7299dc55e1a8ab63a76e1175becfff1dd629cf0f The package devlino was found to contain malicious code. Source: ghsa-malware e2d2201ff31202f25731c9699e97997f89ed857a82aa98a9feaa0ebe1243c45f Any...
Malicious code in tailwind-mainanimation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64236873269f6da90599a0e0136ce22979e4bbfd8103cf4850e42c1179ae6cb5 The package tailwind-mainanimation was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1418 Malicious code in tailwind-mainanimation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64236873269f6da90599a0e0136ce22979e4bbfd8103cf4850e42c1179ae6cb5 The package tailwind-mainanimation was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1419 Malicious code in tailwindcss-style-modify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b0ae66880918a2da3f10a1be7386982be7c7ff76855cf9f401733b92436e1d3 The package tailwindcss-style-modify was found to contain malicious code. Source: ghsa-malware...
Malicious code in project47 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a3f77d5ebfcf087b4f055d7ce552ee0165eadf99d8cc6dcd0f3c767393099d27 Facebook hacking tool that also forces the user to follow specific accounts --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-1412 Malicious code in project47 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a3f77d5ebfcf087b4f055d7ce552ee0165eadf99d8cc6dcd0f3c767393099d27 Facebook hacking tool that also forces the user to follow specific accounts --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
MAL-2026-1410 Malicious code in ighack (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 889207a729f6b97c385d6c0afe217776d10331cdf7e5dd511f80e0d01e899842 Instagram hacking tool that besides abusing the Instagram API, also automatically uses user's credentials to follow hardcoded accounts. --- Category: MALICIOUS...
Malicious code in nfd (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09861068d4a40cdebd80dae1ae4db85b45498bdb1f7f039cf44b33f41e68534f Facebook automation/hacking tool, with a part of its code obfuscated. Given that other packages from this uploader exfiltrate user's credentials, this is likel...
MAL-2026-1411 Malicious code in nfd (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 09861068d4a40cdebd80dae1ae4db85b45498bdb1f7f039cf44b33f41e68534f Facebook automation/hacking tool, with a part of its code obfuscated. Given that other packages from this uploader exfiltrate user's credentials, this is likel...
Malicious code in twitch-security (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f99261d9b844b178048388c92a488b23fa3bf806bbedbcc40108cb97f0b7087 The package twitch-security was found to contain malicious code. Source: ghsa-malware f46d2713d7df72180db5cb77dcd0cefbbffa8baa5a245e376ab250a84d29fc2...
Malicious code in hardhat2-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c07f3569b1ea09e6b004d6249655bfae8ddcec6a95981a49adf26a2a32ebf435 The package hardhat2-config was found to contain malicious code. Source: ghsa-malware dcc4ecf526d7ea6da9ad012c177af156b24bd09ac322140e1390de5a3d20b5b...
Malicious code in pulsard-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5088b269cb089b9b077cf5a13f9b00cbb8d01375276ce1e2f1c99fc7154a46be The package pulsard-utils was found to contain malicious code. Source: ghsa-malware ff1030d82dfca7d7403806e0bd8ba645d25cddd141cb5480664a6555f2d441d7...
Malicious code in twitch.dashboard-v2.core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 637dc1fe27ba94d42da29869618ddc561c6dece34d9b0cbfc0061919e77de510 The package twitch.dashboard-v2.core was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1417 Malicious code in twitch.dashboard-v2.core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 637dc1fe27ba94d42da29869618ddc561c6dece34d9b0cbfc0061919e77de510 The package twitch.dashboard-v2.core was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1414 Malicious code in hardhat2-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c07f3569b1ea09e6b004d6249655bfae8ddcec6a95981a49adf26a2a32ebf435 The package hardhat2-config was found to contain malicious code. Source: ghsa-malware dcc4ecf526d7ea6da9ad012c177af156b24bd09ac322140e1390de5a3d20b5b...
MAL-2026-1416 Malicious code in twitch-security (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f99261d9b844b178048388c92a488b23fa3bf806bbedbcc40108cb97f0b7087 The package twitch-security was found to contain malicious code. Source: ghsa-malware f46d2713d7df72180db5cb77dcd0cefbbffa8baa5a245e376ab250a84d29fc2...
Malicious code in makenotion-ppetest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8a77a3e2f70388147c71ce781715204b49848f8a88c362506e14ecfbdff51208 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in rrweb-v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2c1a8d89ba0817d9264bc9f6e59c5c1e4c683b98ce32ba7d9bcb3e61f1f016b The package rrweb-v1 was found to contain malicious code. Source: ossf-package-analysis...
Malicious Package
Overview pino-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...