311911 matches found
Malicious code in projectrtert (npm)
Package collects and exfiltrates sensitive system data to Oastify URLs. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7b127b8509d4b1ad251567a872811e8a8f4441791c7edadb916c6214be26768 The package projectrtert was found to contain malicious code. Source:...
MAL-2026-1233 Malicious code in projectrtert (npm)
Package collects and exfiltrates sensitive system data to Oastify URLs. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7b127b8509d4b1ad251567a872811e8a8f4441791c7edadb916c6214be26768 The package projectrtert was found to contain malicious code. Source:...
Malicious code in @schedaero/shared (npm)
Malicious package due to suspicious URL, data exfiltration, forced process exit, preinstall script execution. Impersonating legit schedaero.com. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fde30d72c136b3e78352eecc9a614e37d812dc136aca7d2c685f2bdafd305207 The...
PT-2026-21992
Name of the Vulnerable Software and Affected Versions Trend Micro Apex One Console affected versions not specified Description The Trend Micro Apex One Console is susceptible to a directory traversal issue that could lead to remote code execution. The issue allows an attacker to potentially gain...
Malicious code in rtxbbtyols (npm)
Package collects and exfiltrates sensitive info to oastify.com via HTTP in both index.js and setup.py with silent error handling. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a545131c0d6f2f8be5e52e2d51ba1ca4bc79095868f4b3c8169744110c68ecd The package...
Malicious code in @protonme/routing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e618f44597f1625955e5cafd982eed4bc5eea13d53fb57c344daf811fdb6924 The package @protonme/routing was found to contain malicious code. Source: ghsa-malware...
Malicious code in @unitedcapitalfinancialadvisors/finlife-component-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 158b79753c39be97f6436dd06b4ef12321c0419a81070690604105af362334d3 The package @unitedcapitalfinancialadvisors/finlife-component-library was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1024 Malicious code in @protonme/routing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e618f44597f1625955e5cafd982eed4bc5eea13d53fb57c344daf811fdb6924 The package @protonme/routing was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1025 Malicious code in @unitedcapitalfinancialadvisors/finlife-component-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 158b79753c39be97f6436dd06b4ef12321c0419a81070690604105af362334d3 The package @unitedcapitalfinancialadvisors/finlife-component-library was found to contain malicious code. Source: ghsa-malware...
Malicious code in @kiukicom/sidebar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cb39359f91f7a9efe145c20140da0ac4320a6fcce0335e8619af25bcd76c3af The package @kiukicom/sidebar was found to contain malicious code. Source: ghsa-malware...
Malicious code in @ai-studio-web/app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a29e5e23697b695bdd456d100ba49a1ef5c6f4450b46672dedcd164a073e8eb The package @ai-studio-web/app was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1021 Malicious code in @atg-aml-shared/kyc-domain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 669af5ff086209bd01c2d69a805bb4272ccedbc54a1a1c0ce79b0794dc92daea The package @atg-aml-shared/kyc-domain was found to contain malicious code. Source: ghsa-malware...
Malicious code in @atg-aml-shared/kyc-domain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 669af5ff086209bd01c2d69a805bb4272ccedbc54a1a1c0ce79b0794dc92daea The package @atg-aml-shared/kyc-domain was found to contain malicious code. Source: ghsa-malware...
Malicious code in @coinmetro/app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8710d0b7801eb38be3efb787ab05f7dde1bf3d8e16e645c2b587fc6af19a60b1 The package @coinmetro/app was found to contain malicious code. Source: ghsa-malware 298d5aea9a95bac11ef6a844456d1e9144166fa3eb0885775e41a79b1c8319b6...
MAL-2026-1023 Malicious code in @kiukicom/sidebar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cb39359f91f7a9efe145c20140da0ac4320a6fcce0335e8619af25bcd76c3af The package @kiukicom/sidebar was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1022 Malicious code in @coinmetro/app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8710d0b7801eb38be3efb787ab05f7dde1bf3d8e16e645c2b587fc6af19a60b1 The package @coinmetro/app was found to contain malicious code. Source: ghsa-malware 298d5aea9a95bac11ef6a844456d1e9144166fa3eb0885775e41a79b1c8319b6...
MAL-2026-1020 Malicious code in @ai-studio-web/app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a29e5e23697b695bdd456d100ba49a1ef5c6f4450b46672dedcd164a073e8eb The package @ai-studio-web/app was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1018 Malicious code in do-not-install-this-package-003 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3b7a8f2037bd4c28a5474af17179da0c12e37019623f5efa4d081d60758d4ac9 During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...
Malicious code in chai-iotype (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a2528589040b93908e5bf212c3555330685a1e4a864848c672bfc7c9db91d9d The package chai-iotype was found to contain malicious code. Source: ghsa-malware 15de0c2b34317027aeda224019cbe2bd0c8c0e1d0c28cc5ff4f23cb6c0fcbc92 An...
MAL-2026-1016 Malicious code in js-multer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50fbd8b0061a32bc73c0f643e53d0522b03117bda560c40b279b8cdebe5a1100 The package js-multer was found to contain malicious code. Source: ghsa-malware 330a991375f32abf73368d5d321c5a485cd844db42ccaa02388ebe61bc013376 Any...