311901 matches found
MAL-2026-1333 Malicious code in polygon-gamma-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbe3f588073fea9d33a70fcdffbe2466af2886a8bf5227c8e3256235aca46899 The package polygon-gamma-api was found to contain malicious code. Source: ghsa-malware...
Malicious code in mui-path-imports (npm)
The package 'mui-path-imports' is part of the PhantomRaven supply chain attack campaign Wave 4. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1332 Malicious code in mui-path-imports (npm)
The package 'mui-path-imports' is part of the PhantomRaven supply chain attack campaign Wave 4. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in clean-order (npm)
The package 'clean-order' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in typescript-urql (npm)
The package 'typescript-urql' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1337 Malicious code in typescript-urql (npm)
The package 'typescript-urql' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1326 Malicious code in clean-order (npm)
The package 'clean-order' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1334 Malicious code in sort-export-all (npm)
The package 'sort-export-all' is part of the PhantomRaven supply chain attack campaign Wave 4. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in filter-imports (npm)
The package 'filter-imports' is part of the PhantomRaven supply chain attack campaign Wave 4. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1327 Malicious code in filter-imports (npm)
The package 'filter-imports' is part of the PhantomRaven supply chain attack campaign Wave 4. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in import-zod (npm)
The package 'import-zod' is part of the PhantomRaven supply chain attack campaign Wave 4. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.artifactsnpm.com...
MAL-2026-1330 Malicious code in import-zod (npm)
The package 'import-zod' is part of the PhantomRaven supply chain attack campaign Wave 4. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.artifactsnpm.com...
Malicious code in llm-oracle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98fdc3b2f8d6e1b4bb0e26b6f7f12227b5759900fb7c859b6b13093b1a159bf9 The package llm-oracle was found to contain malicious code. Source: ghsa-malware 94a20da2ad0a043d47545889257036cffa168646e3083c39007db16c692dc419 Any...
Adobe Experience Manager(AEM) 跨站脚本漏洞
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Malicious code in bluelite-bot-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d02181290fe37f11e082818a15c1f6baa4d8479279412a74ec4b440ec14dafc7 The package bluelite-bot-manager was found to contain malicious code. Source: ghsa-malware...
Malicious code in test-logsmodule-v-zisko (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6f59f2c34febf5b71ba7f6912540619742de8815167ecc99397fe9b5b9eced9 The package test-logsmodule-v-zisko was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1323 Malicious code in bluelite-bot-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d02181290fe37f11e082818a15c1f6baa4d8479279412a74ec4b440ec14dafc7 The package bluelite-bot-manager was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1324 Malicious code in test-logsmodule-v-zisko (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6f59f2c34febf5b71ba7f6912540619742de8815167ecc99397fe9b5b9eced9 The package test-logsmodule-v-zisko was found to contain malicious code. Source: ghsa-malware...
Malicious code in rtxnode-sass22 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36a78ba8212bc3ab76a0cd01b40b2a3c0b18f319ccb29c6ccea455e9a89449a8 The package rtxnode-sass22 was found to contain malicious code. Source: ghsa-malware f55edfe6ea35e734acb3592f0b13348ef997c46497c2975855d609ee45912671...
Malicious code in @openclaw-ai/openclawai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f93eed751f0a289cca2167f2999e3757984b82f1dc815e9a68dd05b5a95b23d The package @openclaw-ai/openclawai was found to contain malicious code. Source: ghsa-malware...