311901 matches found
MAL-2026-2320 Malicious code in base-x-64 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2486f9bad36944300cb58e1a73a370afef7be10040daf814861d1b1a6287cdb8 The package base-x-64 was found to contain malicious code. Source: ghsa-malware d09ca9d36cb3821dc878f97db3b7e8ddef6f5f8e390373492186d10b668718f3 Any...
Malicious Package
Overview base-or-engine is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in base58-engine (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3507af35455908a5b982b470adae215c0ee155a68cbe2a6a59a1f3b6bd98f342 The package base58-engine was found to contain malicious code. Source: ghsa-malware 9f811caacac31851267205cb855bc06a1a39a198f98d9510f12e27dfba097f83...
Malicious code in base-or-engine (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2deff4ab9db147fda78b79b3687e76c9d46381670c58924f03f852518002a649 The package base-or-engine was found to contain malicious code. Source: ghsa-malware d6d4b7d60db50af8f8a9614f9ac0a742cf6472998e11e6233c6190b518332958...
Malicious code in @logcore/pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a729cc1811bd1bc1fa94404ad4bcd8376c1a29b90311fd2a89efecff51fe592 The package @logcore/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
Malicious code in jonas-prettier-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28f4e8e2d6e083733be2f7a98647f2a7267b3be203837f3081b4884ef3b926a0 The package jonas-prettier-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2321 Malicious code in base58-engine (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3507af35455908a5b982b470adae215c0ee155a68cbe2a6a59a1f3b6bd98f342 The package base58-engine was found to contain malicious code. Source: ghsa-malware 9f811caacac31851267205cb855bc06a1a39a198f98d9510f12e27dfba097f83...
MAL-2026-2318 Malicious code in @logcore/pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a729cc1811bd1bc1fa94404ad4bcd8376c1a29b90311fd2a89efecff51fe592 The package @logcore/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2324 Malicious code in jellyfi-pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d1230eb2336763c228ba6ac98d349f8cc64a1ae28755d8da374f336e77aa928 The package jellyfi-pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2319 Malicious code in base-or-engine (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2deff4ab9db147fda78b79b3687e76c9d46381670c58924f03f852518002a649 The package base-or-engine was found to contain malicious code. Source: ghsa-malware d6d4b7d60db50af8f8a9614f9ac0a742cf6472998e11e6233c6190b518332958...
MAL-2026-2325 Malicious code in jonas-prettier-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28f4e8e2d6e083733be2f7a98647f2a7267b3be203837f3081b4884ef3b926a0 The package jonas-prettier-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2316 Malicious code in openai-async-helpers (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7619c9858e5326f4842462084bc313409a364f2b5c9aa004103c7d33a97c3545 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in latinum-wallet-mcp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 afbe7d2a026f5fb11d3046e061ded50c350b420b146cd446fc0e009cb7190543 Starting version 0.0.32, the code automatically exfiltrates the private key together with other metrics during the buildmcpwalletserver call for the Solana...
Malicious code in @c8o/nimbus-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8225c79aa127203c225df747705db370e11cfae184af100a063b2dfa4eb20eb8 The package @c8o/nimbus-core was found to contain malicious code. Source: ghsa-malware 23fd3197db4264e7b8ef6d65380e017c5b205b46a8e732df586feffcf3c7c7...
MAL-2026-2314 Malicious code in @c8o/nimbus-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8225c79aa127203c225df747705db370e11cfae184af100a063b2dfa4eb20eb8 The package @c8o/nimbus-core was found to contain malicious code. Source: ghsa-malware 23fd3197db4264e7b8ef6d65380e017c5b205b46a8e732df586feffcf3c7c7...
Malicious code in tailwindcss-typeface-inter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3a4cecee37faea4489bd810f6d044cde9205a74e0c225bef7b07cbbe207eb88 The package tailwindcss-typeface-inter was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2312 Malicious code in tailwindcss-typeface-inter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3a4cecee37faea4489bd810f6d044cde9205a74e0c225bef7b07cbbe207eb88 The package tailwindcss-typeface-inter was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2310 Malicious code in lakeflow-community-connectors (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 931d6183e0dc407fb2c14769dcebb7d1845f4af9ca0b26766d75d783b5611165 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in axios (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 503284900929e333b801f9f47419a2b4c21e4022d13a03fc14e4b5390767a51d The package axios was found to contain malicious code. Source: ghsa-malware bcd851213ecf0f8dc58fe88d79b3d19a59388272b2426097de7edc4c53df5d9e Any...
Malicious code in plain-crypto-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f18d90df82216aedaaeca02607816457cfe0df4bc89bf292a4d7f3549e912d8c The package plain-crypto-js was found to contain malicious code. Source: ghsa-malware 4dfdc3dd18fb6fe824f34c663d26a2f7225e65a4b858a6f3ed6620a7a725c86...