311910 matches found
Malicious code in @pypestream/floating-ui-dom (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c054f1bdbe451e796bb0623296f4240c654e72b4ef794089dad3428bfed98fd2 The package @pypestream/floating-ui-dom was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2030 Malicious code in @pypestream/floating-ui-dom (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c054f1bdbe451e796bb0623296f4240c654e72b4ef794089dad3428bfed98fd2 The package @pypestream/floating-ui-dom was found to contain malicious code. Source: ghsa-malware...
Malicious code in opengov-k6-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d6d3e0e21551377d17f0e85338f6ea9650b7c18f717b6e1060b1d50962ed112 The package opengov-k6-core was found to contain malicious code. Source: ghsa-malware 1370c540f2157e1e42d9edb109b0b6c57f27d35cfcfd8ebef2a5dc2d44db6e3...
MAL-2026-2027 Malicious code in opengov-k6-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d6d3e0e21551377d17f0e85338f6ea9650b7c18f717b6e1060b1d50962ed112 The package opengov-k6-core was found to contain malicious code. Source: ghsa-malware 1370c540f2157e1e42d9edb109b0b6c57f27d35cfcfd8ebef2a5dc2d44db6e3...
MAL-2026-2024 Malicious code in @mesh-helpers/themehelper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1743b5d260ab5fc722b3c6d24903ff994a0f9e77630220b02cc8d8d036e84195 The package @mesh-helpers/themehelper was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @mesh-components/card (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c96d53100e05047008977d25b2800e9da6e1d83f42874dcf6be5ed4144d3d83 The package @mesh-components/card was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in thisismytest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a1c269bbb834081025da993697e3e2e44db4a97e16e21f4c792ed85391772fa9 During installation, the package downloads and runs a remote executable, which is identified as a backdoor. It connects with a remote server and executes basic...
MAL-2026-2016 Malicious code in qyrm-pipinject4 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9a21af6fd1f0c3069036b62cd769efe0cd35077f9141b1454397e44561c73461 During installation, the package starts a reverse shell. --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2026-2010 Malicious code in yelp-react-component-badge (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abec06c903f4139ed298b19b96521401231e6bd0cc306e5e7015d971d5a4260a The package yelp-react-component-badge was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2009 Malicious code in repo-typescript-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c009aa720ff70075b05dfa732a4d21fb40241c526d6615825dea97202843b252 The package repo-typescript-config was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...