2 matches found
MAL-2026-5255 Malicious code in executable-stories-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in kapvino-soffgdi-ugaafaoha (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28c60379a9414edf62594adf3c7888071e04521a14f249f4d358a4076932f2fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...