MAL-2026-1969 Malicious code in spstargm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54ce1a8a7d00ca1aef6f9b8efb51402365637ca06d3d60ac779221ed3c0827d9 The package spstargm was found to contain malicious code. Source: ghsa-malware a0415f3c475983a53adb25756b7fd123d025c7be9670499938f81de0229f596e Any...

MAL-2026-1772 Malicious code in libxmljs12 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ee7e3fb53b96ddcd2961ae800b9d761e4c39ff53bcf5894200f41d12fa88942 The package libxmljs12 was found to contain malicious code...

The SOC Files: Time to “Sapecar”. Unpacking a new Horabot campaign in Mexico

Introduction In this installment of our SOC Files series, we will walk you through a targeted campaign that our MDR team identified and hunted down a few months ago. It involves a threat known as Horabot , a bundle consisting of an infamous banking Trojan, an email spreader, and a notably complex...

MAL-2026-422 Malicious code in oce-icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b843dd5f2dd468eea116bc6b01258c72903738ea423def44e73bbee3e0a477f The package oce-icons was found to contain malicious code. Source: ghsa-malware e946a5aefa4f4734044a2667883bff32c43c93401630708063066e1348fb2b25 Any...

MAL-2026-268 Malicious code in assurance-common-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f8abc4852c66bf4b76ca608a34a2c7ec7a32f25ade245d11fd2eb4429d2ad48 The package assurance-common-components was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-95831

Malicious code in patria-kolak66-breki npm...

EUVD-2025-90183

Malicious code in maman-gandul76-miaww npm...

EUVD-2025-81249

Malicious code in meltedparrotdumbs npm...

EUVD-2025-83767

Malicious code in utomo-rangginang58-remi npm...

EUVD-2025-39778

Malicious code in eko-tempe28-miaww npm...

MAL-2025-49468 Malicious code in zain-ketan1-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebd92ee6926b6ad2910a8826f25005aea80cb8ba4c5b1303e6efd35c07a180d2 The package zain-ketan1-sukiwir was found to contain malicious code...

MAL-2025-49347 Malicious code in lowerx-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c339fedf47fd9aff8ff17bb12b8d3014f38189be9b38d17606826127b03ff6ba The package lowerx-package was found to contain malicious code...

Malicious code in simple-app-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12841bf7b69cb4d4bbfe8fe7d87b976164b92187dae534f07331b5025779b542 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-44164 Malicious code in erwin-takokak69-breki (npm)

The package erwin-takokak69-breki was found to contain malicious code...

Malicious code in @zalastax/nolb-_jag (npm)

The package @zalastax/nolb-jag was found to contain malicious code...

MAL-2025-45132 Malicious code in maxujun-shijie-mingkan-sudu-erlingyibalingba-yiyi (npm)

The package maxujun-shijie-mingkan-sudu-erlingyibalingba-yiyi was found to contain malicious code...

MAL-2025-44561 Malicious code in heike-yuying-shouce (npm)

The package heike-yuying-shouce was found to contain malicious code...

MAL-2025-43346 Malicious code in @zalastax/nolb-pass- (npm)

The package @zalastax/nolb-pass- was found to contain malicious code...

MAL-2025-45929 Malicious code in ruhe-kaifa-haizide-yuedu-qianli (npm)

The package ruhe-kaifa-haizide-yuedu-qianli was found to contain malicious code...

MAL-2025-43566 Malicious code in bambang-mangut87-kyuki (npm)

The package bambang-mangut87-kyuki was found to contain malicious code...