MAL-2026-5495 Malicious code in @solana-launchpad/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f311ca65e1dd4812e0b9812be713108a676a6f25c8d48443ab93a97133447b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5494 Malicious code in @meme-sdk/trade (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 834651739573caf81a290f10c68ebc41c1e9f9b4a1724c620148e097ba0b678a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @validate-sdk/v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e93b483fd9338717a984d2e695d44a5497cb4b2d1a91c0eabc160fbc6d6cd7aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5497 Malicious code in @validate-sdk/v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e93b483fd9338717a984d2e695d44a5497cb4b2d1a91c0eabc160fbc6d6cd7aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

RUSTSEC-2026-0175 `onering` 1.4.1 was removed from crates.io for malicious code

A new version of the onering crate was published with code that attempted to exfiltrate both metadata and code from the project it was included within. One malicious version was published on 2026-06-10, approximately six hours before removal. This crate has no dependencies on crates.io, and there...

`onering` 1.4.1 was removed from crates.io for malicious code

A new version of the onering crate was published with code that attempted to exfiltrate both metadata and code from the project it was included within. One malicious version was published on 2026-06-10, approximately six hours before removal. This crate has no dependencies on crates.io, and there...

Malicious code in coinbase-wallet-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ab9b05ffef17005997a718b420c7842eaa66c9e8b6586f8f62ccaeeb3d35a4b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ethers-jss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 56bf62c882d62bbb9bacc402f0f25f48e12b878ff454eda013fed56dc61db42e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5501 Malicious code in ethers-jss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 56bf62c882d62bbb9bacc402f0f25f48e12b878ff454eda013fed56dc61db42e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5499 Malicious code in coinbase-wallet-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ab9b05ffef17005997a718b420c7842eaa66c9e8b6586f8f62ccaeeb3d35a4b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in csc154-internall-depend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 468d4fe797c3be3e29ea6da37c1b04112162bd349f7aea270cdbc4ba929d945d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5500 Malicious code in csc154-internall-depend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 468d4fe797c3be3e29ea6da37c1b04112162bd349f7aea270cdbc4ba929d945d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Embedded Malicious Code

Overview @builder.io/dev-tools is a Builder.io Visual CMS Devtools Affected versions of this package are vulnerable to Embedded Malicious Code. The affected version contains malicious code, and its content was removed from the official package manager. While this package might be attempting to...

MAL-2026-5493 Malicious code in @builder.io/dev-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 670a0957692786d7cd690da1c51472380e131ceb1149cf37e265a8549ad5339b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in xnder-wrapper-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ff6538b76e9f03f65d8f16113bb6b606a59e59c172e9facb7de6ce0b523a7fb package.json declares "postinstall": "node scripts/script.js", causing scripts/script.js to run automatically on every npm install. That file is the...

MAL-2026-5491 Malicious code in xnder-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cac2bcdbeb978a93be7021106fbfcab7795f51b434141160391cb89df0a87ab The package contains scripts/script.js with heavy obfuscation patterns string-array shift loops, hex-encoded indices, while!! anti-analysis construct...

Malicious code in xnder-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cac2bcdbeb978a93be7021106fbfcab7795f51b434141160391cb89df0a87ab The package contains scripts/script.js with heavy obfuscation patterns string-array shift loops, hex-encoded indices, while!! anti-analysis construct...

Grammar-Constrained Decoding Can Jailbreak LLMs into Generating Malicious Code

Large Language Models LLMs are increasingly used for code generation, raising concerns that they may be misused to produce malicious code. Meanwhile, Grammar-Constrained Decoding GCD has been widely adopted to improve the reliability of LLM-generated code by enforcing syntactic validity. In this...

MAL-2026-5486 Malicious code in menu-filter-widget-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bed4a7ece362ef59f2b621b3f64d06e899740c8ca8d73e437145d48b960187ce package.json declares a postinstall lifecycle hook that runs callback.js on every npm install. callback.js reads os.hostname and sends it to a...

MAL-2026-5469 Malicious code in getd-transactional-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe5e89f2411faf9265508a84772d5667bb3095cf28937bb9e9ab80a215ff4208 On npm install, postinstall.js issues an HTTPS GET to https://webhook.site/18dc4281-d366-438a-9186-76fbcd56ade5 carrying os.hostname,...