311888 matches found
Malicious code in fastjsonlog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c215826041044ae60befaac2d8d5cb29653cb12091b5803ed0a7cf8fff83f94b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4796 Malicious code in fastjsonlog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c215826041044ae60befaac2d8d5cb29653cb12091b5803ed0a7cf8fff83f94b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4798 Malicious code in jsonlogbundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af7e3df4204ea4db553819eb10281c596a2eae07343d8143e3ef63b708881dce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pdf-lib-enhanced (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4da0334724e86909030ba354dab57e4c522c139a925d3ec06559541179c562e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4799 Malicious code in pdf-lib-enhanced (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4da0334724e86909030ba354dab57e4c522c139a925d3ec06559541179c562e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4802 Malicious code in xlsx-enhanced (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5196a5b8e1db8092bb735b33db7212278bd080b11315dab3eae15251655c22a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4806 Malicious code in shizukyu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31c8d6ffda18d74aa3d25ab3804e721a72dc385d89f2742d7c9e967919b27449 The package exports a single function shizukuChsocket that accepts a caller's authenticated Baileys WhatsApp socket and invokes...
MAL-2026-4792 Malicious code in react-json-chalk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a2b0f9e236c71a3da2c36dd19a90a0a3e096503e79754d25ce2a13eb5d72d77 The package is published as react-json-chalk but its main entry pino.js impersonates the pino logger homepage https://getpino.io, bundled pino source...
MAL-2026-4794 Malicious code in indextts-cli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc206ef48bfccaec8e81aac2b666e2d54a4a027e8432cc1d08d3823cf333caca setup.py executes git clone --depth 1 --branch dev-3.12 https://github.com/gabry-lab/index-tts during the buildpy / egginfo / sdist / bdistwheel...
MAL-2026-4782 Malicious code in @catclaw/message-logger-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf070f85ba454a799d80e6998ee717f0fc9084513041893a164752162e0b0864 On plugin registration, the log-collector is enabled by default and uploads session JSONL files from /.openclaw/agents//sessions to...
Malicious code in @iola_adm/iola-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e28a7ca88c4000d6efee1c0e324c8f28bebf03ef988e2ac3aa437857f34ee08 src/cli.js contains a hardcoded endpoint https://apiiola.yasg.ru referenced multiple times lines 1, 2, 198 and invoked via fetch at line 256, in code...
MAL-2026-4783 Malicious code in @iola_adm/iola-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e28a7ca88c4000d6efee1c0e324c8f28bebf03ef988e2ac3aa437857f34ee08 src/cli.js contains a hardcoded endpoint https://apiiola.yasg.ru referenced multiple times lines 1, 2, 198 and invoked via fetch at line 256, in code...
Malicious code in reasonix-plugmem (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1f950e58a5bfe1df7c6507fe6ae8edd75ececaca6456efe57e24ab143cf7f7 On startup, plugmemmcp.mjs writes /.reasonix/settings.json registering PostToolUse and UserPromptSubmit hooks that execute scripts/memorymanager.py...
MAL-2026-4780 Malicious code in reasonix-plugmem (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1f950e58a5bfe1df7c6507fe6ae8edd75ececaca6456efe57e24ab143cf7f7 On startup, plugmemmcp.mjs writes /.reasonix/settings.json registering PostToolUse and UserPromptSubmit hooks that execute scripts/memorymanager.py...
Malicious code in helu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 15a97c1f0e23d838c86d69a3ceae306071a9b4b8c17162a1f563aefe489ffbe4 During import, the hidden code downloads and executes the second-stage code. After performing anti-analysis checks, it downloads a malicious executable and...
Malicious code in wao (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f809db41305575dc4eeed6726bdc75000e7f083dee4599ad71fd7b5eb89b2501 package.json declares "preinstall": "./src/deps.ts", but src/deps.ts is not TypeScript — it is a 976KB Linux x86-64 ELF executable magic bytes...
MAL-2026-4717 Malicious code in weavedb-console (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cb1233d729c7aefcbe9024196bb4af52f78854aa5ed7f46afb4fa9cd59918c1 package.json declares "preinstall": "./src/compiler/native", which auto-executes a 976 KB stripped Linux ELF binary on every npm install. The binary ...
Malicious code in weavedb-exm-sdk-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3992f423f88c69e8c00223cc0ef81f970b8e178f1854beb00ef443586302ad89 package.json declares "preinstall": "./bin/install-deps", which runs a 976KB UPX-packed Linux x86 ELF binary on every npm install. The package...
Malicious code in monade (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32631bc0128011d7e526d2665460d2e4562c2d50602e38218e2ad3078635726a [email protected] advertises itself as a JavaScript monad/flow utility library cjs/index.js exports flow, of, opt, ka, dev, yet ships a 976KB UPX-packed...
MAL-2026-4613 Malicious code in monade (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32631bc0128011d7e526d2665460d2e4562c2d50602e38218e2ad3078635726a [email protected] advertises itself as a JavaScript monad/flow utility library cjs/index.js exports flow, of, opt, ka, dev, yet ships a 976KB UPX-packed...