MAL-2026-5655 Malicious code in @hatcha-captcha/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c9a9310a4e2c8c3906b130725a5d8366ccad0df5529428fa9056c62f69f4c3b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5657 Malicious code in @iobeya/spa-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9a974281dcc6456d815e6cb8b755c3084c7ba2d4026264474e459681a9a25cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5661 Malicious code in @sazka/web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f28f82bd2ace12b57cc67c8da0f065ed544157af3148f2680ca8a36c9ef01b21 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5658 Malicious code in @marketplace-shared/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98933a5f467c2a623815ed46e5baf6838ba6e86e8055b48d4941da3bf59e5c41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5662 Malicious code in @snowsight/debug-tooling (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ca444a9a90c96e463edeafef6a8f5ebdcc91dd128361d2b2aa42b6897cc48e7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5665 Malicious code in @visma-net-platform/module-navigator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8d9c86b2942a6a62e08900c1c60743e4cec865cc0a439db8d8e6a0509d187b6f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5659 Malicious code in @ngt-frontend/widgets-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea73e01bd9fd14de80da7385a457c47d65d0af138480a99f91556880fabf9d3f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in fed-callnative (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3971b7c0ac52c7cb668a8147d9774cb0f7a0b4e0bf04a59a6b55426f9c84fcf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in mm-ts-utils-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f5526f66eb7799c34080dc4e5f938decfa90924772556b159a26eaa3b1c4eb3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5670 Malicious code in pui-diagnostics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f05c21e14c3c230fc88a2e0513e8dcd1ba8eda06a21ee1371dd5277b4280740a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5668 Malicious code in fed-callnative (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3971b7c0ac52c7cb668a8147d9774cb0f7a0b4e0bf04a59a6b55426f9c84fcf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5667 Malicious code in experian-analytics-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b17ea66ee9c256e21971184546b027011520942070236a348fe0da478b5ac66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5671 Malicious code in sitecore-mm-component-style (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1e025725001efb60959449e734f39db775cc54e77abb0c97364f7929cf54a8c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5669 Malicious code in mm-ts-utils-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f5526f66eb7799c34080dc4e5f938decfa90924772556b159a26eaa3b1c4eb3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in experian-analytics-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b17ea66ee9c256e21971184546b027011520942070236a348fe0da478b5ac66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in pc-optimizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f046d16052b9121c55f2fd5e6eb2be90ce24e7b007efca3c2a9e7f64dab8f6bf The package's collect.js imports childprocess, fs, http, https, and os, reads host identifiers via os.hostname and os.homedir, inspects local...

MAL-2026-5647 Malicious code in ts-ecro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37901692194f47c987610aab18ef37d4361e8ab01efd1a8008876920dd8b8aa2 Package is published as 'ts-ecro' but ships a verbatim copy of big.js v7.0.1 with the original author's copyright, email, and GitHub repository URL —...

Malicious code in optional-cpu-features (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dbbb7dd9c604ef3e5782d477d4db7c04c50f7906b19af03e63a540e0a44166e On npm install, both the install and postinstall lifecycle scripts run node install.js, which requires lib/sync.js. That file hardcodes BASE =...

Malicious code in ozonex-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5e40322806de6c1fc8ca77941438b3481f3f12059a9c34d13645c2a4b8a82c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview ozonex-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...