15404 matches found
MAL-2026-1574 Malicious code in transform-spread (npm)
The package 'transform-spread' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1395 Malicious code in dell-fusion-core-drzak (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d5d156081b9f33279287f433edff50b49a63fa67e0da031c374075fde1cc24f The package dell-fusion-core-drzak was found to contain malicious code. Source: ghsa-malware...
Malicious code in chai-as-flex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e209e357d41cfd5d03c91f7b03e155685a36191ac79740818656d310c71390fe The package chai-as-flex was found to contain malicious code. Source: ghsa-malware 43ec01f2ce6223022a2f8808fefb3586a644577acb62fbe4184add705f616914 A...
Malicious code in pyutils-helper (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8b1055c03077c874d21f69aa9403cebd070e2b7398e27b44310c977219bc0e7a Importing the module starts a silent cryptocurrency mining in the background for a hardcoded wallet. --- Category: MALICIOUS - The campaign has clearly malicio...
Malicious code in test-mal-npm-pkg-local (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e75a0b0eec22915db4ca63da2987beda61280504b532ef780e81b26d53e11d8e The package test-mal-npm-pkg-local was found to contain malicious code. Source: ghsa-malware...
Malicious code in noteasonfnsource (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 fa2242ec1849ffa55a55c85b7781623cdc7147b8568b3beaa5d2b3b956c04e17 Code provides a Discord bot, which - once a generic command is called - performs malicious action against the Discord server: deletes all channels, renames the...
Malicious code in hashtools32 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 689514b83cd6496b0a4213d26325e73cd2c4f0e19128b969d19797bcdd4b131d During import, the package attempts to exfiltrate sensitive Telegram session files --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
CVE-2025-47904 Unsigned upgrade package
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows Malicious Manual Software Update.This issue affects Time Provider 4100: before 2.5...
MAL-2026-932 Malicious code in easyreg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 2897582bf6c0c29d4fc679ee338263019a8a5d5bcb66b5ae2c59454d6c967d6a The package pretends to be a development helper but, in fact, downloads a remote executable. Dynamic analysis reveals actions like disabling Windows Defender a...
Malicious code in despicable-me (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80a6021ab3cbadc4a7b2c84dee85c1da3a01ecbab1b0a3b1e8aa1f6835a818ca The package despicable-me was found to contain malicious code. Source: ghsa-malware 8919618889f25d842da82fbc9462b9c95cfdcc8aaf393841f00b952d6f2e71f1...
Malicious code in node-dotenv-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76b47bebee6a74c00d3be10fad072e05074a62b29205377f682463290bad39c3 The package node-dotenv-cli was found to contain malicious code. Source: ghsa-malware 5bb66069e2bde985ae448962eaaf6373cd54aa2cd51fb20a0fef26ecb5dee2d...
Malicious code in gpu-discovery (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ea1fffa4a4969c85232301df3c8d107642ac143fbf51600d166cfd2f8d536e10 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in kwp-analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff8db163baaddfa00a5ad4be917d7b8147bbc3b1b0807694614ab14ebac6c431 The package kwp-analytics was found to contain malicious code. Source: ghsa-malware 57994b2b00321595177d73893abdd66ed3fdbe0f5ff0a7565c59efb6126d9e7a...
Malicious code in callapirequests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6e7fadeb48347b57805dea2f58d0f662e43170e0e4439a424f6dec66cf285452 Importing the module downloads and starts remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
Malicious code in internallib_v828 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff1fe83e3d9c31b100d3117b436d62cb5bbed907b6393fd0ae603bd365e73889 The package internallibv828 was found to contain malicious code. Source: ghsa-malware d15fc740eb3e49fec4406761a411f74ba5e572f8ead9811783ba32b4417d0db...
MAL-2026-524 Malicious code in mapkit-example-vue (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a99b2a1b5d1181c18ff26056481018d107fc6fc38df563e0d7fba6aa44b7cd51 The package mapkit-example-vue was found to contain malicious code. Source: ghsa-malware...
MAL-2026-391 Malicious code in internallib_v962 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9664f22a915362fceed28ec2e15ea4bfbc16dbdd91cb358cba05ef247fec36a5 The package internallibv962 was found to contain malicious code. Source: ghsa-malware 1e08ba6555343cafd51a03a186572eaf33065999ee721770a8d507645826dfd...
MAL-2026-386 Malicious code in chai-chain-async (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3340d37485bf0cbe47f2378b96588e8afadc83635bef93d108730ea72ab8f78 The package chai-chain-async was found to contain malicious code. Source: ghsa-malware a3404961b3edc416f501bf5ec175f0bbb95a188e9f1210305c9e37783e6265...
CVE-2023-29444
An uncontrolled search path element vulnerability DLL hijacking has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their...
Malicious code in hiqomu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f1b14ad8ceaca23c5a536740bb79e0425805fb3df3bd23448dd6cee7af377ad The package hiqomu was found to contain malicious code. Source: ghsa-malware 0bd082bac5a58a31b60a13d745e6ec55d8e49b1e4d5d17c9f3711f28e611f0de Any...