311911 matches found
Malicious code in crypto-reader-info (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28e31fe14a706d54aaad373a2174a83c58af8a065a0e8e5c98c201e3b986430d The package crypto-reader-info was found to contain malicious code. Source: ghsa-malware...
MAL-2026-970 Malicious code in secp256 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5474e89cc8b0f2d2e5c37d3a2bad92455e82535d614d82fb0ff96979ba1ac2d3 The package secp256 was found to contain malicious code. Source: ghsa-malware 12775af1dc40ed0560ed3a8265ad9a1c9a122b3860a9f081e190b2ad8f30ba5d Any...
MAL-2026-960 Malicious code in hardhta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc27417b62c3ad399e369577764608120ee2b3662367f1d51bf5fb8378560bcf The package hardhta was found to contain malicious code. Source: ghsa-malware e4174e96a92d9c0d7bbe499ed40d2e4cab9635c61471a1602fd117d8115e2d38 Any...
MAL-2026-965 Malicious code in node-native-bridge (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc9503b92533dc98c475b75c09a1c40fcec67ad7b56c488b9677c0ff0740c4d2 The package node-native-bridge was found to contain malicious code. Source: ghsa-malware...
Malicious code in opencraw (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aaed661cc51e76234fc6cba7587b973903e00bbacd33da7114aeb726d957b577 The package opencraw was found to contain malicious code. Source: ghsa-malware 5bc39adf3939792f918a50cbc9a9952a11d950e361d83d5631449f20ad634945 Any...
Malicious Package
Overview suport-color is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in cloude-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ec24ba80068a14617a513915da6a3751b60345b9c1e9144a362c4b85abefdc6 The package cloude-code was found to contain malicious code. Source: ghsa-malware 8da7714f501eed0c20e3432333dc73d1707e7ef16a803df07b6d73fab1945be7 An...
Malicious code in iru-caches (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bedff4313b653182b12500ff93779e0605bbd045470b58245a0ab47629e3404f The package iru-caches was found to contain malicious code. Source: ghsa-malware 2f24ac88d53abde060c0a707ee445377609019c4e9f93e40218672b204cb50ff Any...
Malicious code in suport-color (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa28b384b2a4def64b3573ce8177cb8db3790508b4ad7b2b92345ffa222193e8 The package suport-color was found to contain malicious code. Source: ghsa-malware ca2fb15b3d908dd99e112e290646122d415a0a43d135631603a0a007e172ef8f A...
Malicious code in claud-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 858992810c1a4133d95b6fa19033c07591db548a46df39b67e0d393d7dd212ad The package claud-code was found to contain malicious code. Source: ghsa-malware 5fe9842d778d45ad5b5e4d81db678d608711dd4b186e053569dae6f210481651 Any...
Malicious code in iruchache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c89a5662924927fa4f51ea9338e9e71722d8554754b9c6a42d20651fbf209ed1 The package iruchache was found to contain malicious code. Source: ghsa-malware b44470c4008c04639889f53b9b4ab430335013659859007be3c55f551d2d68a9 Any...
MAL-2026-966 Malicious code in opencraw (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aaed661cc51e76234fc6cba7587b973903e00bbacd33da7114aeb726d957b577 The package opencraw was found to contain malicious code. Source: ghsa-malware 5bc39adf3939792f918a50cbc9a9952a11d950e361d83d5631449f20ad634945 Any...
MAL-2026-971 Malicious code in suport-color (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa28b384b2a4def64b3573ce8177cb8db3790508b4ad7b2b92345ffa222193e8 The package suport-color was found to contain malicious code. Source: ghsa-malware ca2fb15b3d908dd99e112e290646122d415a0a43d135631603a0a007e172ef8f A...
MAL-2026-953 Malicious code in cloude (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b744a4fe3734f90aaf8d25e66146a0673fa2e1a806c8d6a573d9a7013ca04b6 The package cloude was found to contain malicious code. Source: ghsa-malware b64dc9c2967ed5f2f54160b6bd780fb24ad29af8c22355f706b026ea25c3b3e1 Any...
MAL-2026-962 Malicious code in iruchache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c89a5662924927fa4f51ea9338e9e71722d8554754b9c6a42d20651fbf209ed1 The package iruchache was found to contain malicious code. Source: ghsa-malware b44470c4008c04639889f53b9b4ab430335013659859007be3c55f551d2d68a9 Any...
`clob-sdk` was removed from crates.io for malicious code
This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 1 version published on 2026-02-20 approximately 4 hours before removal and had no evidence of actual downloads. There were no crates...
Malicious code in rubocop-vintedmetrics (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c8e90dd88f71e05719940997342cf6a367387fc68045f091a864d8f8e7e62be8 The OpenSSF Package Analysis project identified 'rubocop-vintedmetrics' @ 9.9.12 rubygems as malicious. It is considered malicious because: - Th...
MAL-2026-947 Malicious code in ethrpc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b1eff108aebd0c94cd1b2c9dd2321060f61236e0dbf655c62f729169dcd5d5b3 The malicious code is in the ethrpc-keys package, which is a clone of legitimate eth-keys, but contains a modification that silently exfiltrates the user's...
Malicious code in web3tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 50b63ced7e162150a14fbfb557df8683707b72b361caf1243a14468fd910a036 The malicious code is in the ethrpc-keys package, which is a clone of legitimate eth-keys, but contains a modification that silently exfiltrates the user's...
MAL-2026-949 Malicious code in ethrpc-keys (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f086c363123d21b52dc28b5a642db6c1eb84e01dc519995435476b19655d63a9 The malicious code is in the ethrpc-keys package, which is a clone of legitimate eth-keys, but contains a modification that silently exfiltrates the user's...