MAL-2026-4827 Malicious code in unleash-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d00549f2feef5f3af06b3625effca261dd2be514ae05dc1b21c60e3cb9d1b23b The OpenSSF Package Analysis project identified 'unleash-js' @ 99.9.1 npm as malicious. It is considered malicious because: - The package...

Malicious code in b2bneo-rest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81aa2ce0b474a6829ca4aa8dca5776be81b750b88d093c610de24760671b8fb6 The package b2bneo-rest was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-3327 Malicious code in capacitor-plugin-service-worker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36f1958d8bc44724a00d45b291983ad836dc2f28370c27f83c76f7bf1780bd4b The package capacitor-plugin-service-worker was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in black-moon-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c672e4ab8770773551a9ff9b6b95a5740894bd1c689154056f69e5da4fdb879 The package black-moon-js was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in npmamzs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25a8c88c6c60c588983806906169ffad0a2a863d45482ac8e2740f320f7cb2ea The package npmamzs was found to contain malicious code. Source: ossf-package-analysis d494475ee013b73bb0df9b1f0533b2f169fb6feff4b7c3c282c3629588be4e...

MAL-2025-48615 Malicious code in binance-connector-js (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61b2f0cbecf7f16706a567eb1deed7a8dc1722f112d2a002a9e94e690a066f3d Any computer that has this package installed or running should be considered...

Malicious code in paysafe-client-proxy (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ca3abf57e822e819e2d6ce06757f3a061020e9f84cde317ba1382e03d945884 Any computer that has this package installed or running should be considered...

MAL-2025-47462 Malicious code in skiko-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 381c5141fd91ab3795d9f9dba07327b46acb9f0f3a869e49411412f5bcbe6ea2 The OpenSSF Package Analysis project identified 'skiko-js' @ 10.0.1 npm as malicious. It is considered malicious because: - The package...

Malicious code in audi-footnote-reference-service (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c035d5ff92937ddffc6c544ab41cd4721ed9e798733de1f734142b33775388ca Any computer that has this package installed or running should be considered...

MAL-2025-42144 Malicious code in library.cycle.e (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73b010d9a667293958470880270b863c3eae2d00bdca71e08f3bddcbfd0947c6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in calientepe-theme (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

DRMD: Deep Reinforcement Learning for Malware Detection under Concept Drift

Malware detection in real-world settings must deal with evolving threats, limited labeling budgets, and uncertain predictions. Traditional classifiers, without additional mechanisms, struggle to maintain performance under concept drift in malware domains, as their supervised learning formulation...

Malicious code in @espace-client-axafr/otp-form (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-41295 Malicious code in heft-storybook-react-tutorial (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9aaa15f8740a436b59266355d59bb470dfd605d6260dc307a40ef50e20f65939 The OpenSSF Package Analysis project identified 'heft-storybook-react-tutorial' @ 99.0.9 npm as malicious. It is considered malicious because: -...

Malicious code in pngquant-bin-static (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-6808 Malicious code in latam-xp-analytics-plugin-gtm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 333a48f2dfbcb9ab75608fb120182771732f71543d3bc13c3352b144b3022403 The OpenSSF Package Analysis project identified 'latam-xp-analytics-plugin-gtm' @ 2.0.0 npm as malicious. It is considered malicious because: -...

Malicious code in grafana-config-pipeline (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24878cfe315198916799cf0320237c09a463a1ff8b50f0d5ff6bdc70ba117ca5 Any computer that has this package installed or running should be considered...

Malicious code in webxr-input-profiles (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in telenet (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in hello-gator (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 99c626fd5c61521e9e6c52377eb5d3a75ea4230c12ca16c294e86ead8364c064 Any computer that has this package installed or running should be considered...