MAL-2026-4276 Malicious code in build-scripts-utils (npm)

Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...

MAL-2026-4247 Malicious code in solana-pda-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 932b19a77a3ac634909a0f284df48d9b2a8b28f9c5370bd50306d7ba5a1335e9 On npm install, package.json's postinstall hook runs node -e to issue an https.get against...

GHSA-27F5-XJRR-Q9FF Malware in @opensearch-project/opensearch

Overview The OpenSearch Project has sustained a security incident involving an external actor gaining force-push permissions within the project's CI infrastructure to embed malicious packages into four release versions of @opensearch-project/opensearch. Users are instructed to immediately take...

MAL-2026-2712 Malicious code in @evoja-web/redaction (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6b4a72b65f3b4cc6345a711aad3f9282d9ec77958341be6861f2b355ff3f976 The package @evoja-web/redaction was found to contain malicious code...

Malicious code in @mgcrae/pino-pretty-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c31dc9253706aebd955016075e321d19d7dfc9b231882d7b24a6c932fa3dfa80 The package @mgcrae/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2393 Malicious code in this-is-my-test-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d72a917ddcec635fc210d8767a9c289b6d43128c589de76fe7c0548da33878d2 The package this-is-my-test-package was found to contain malicious code...

MAL-2026-2363 Malicious code in env-extend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b65432f04e2d76673de1e30fd9afbce2259306e45f6590848f02eb6f72535333 The package env-extend was found to contain malicious code...

MAL-2026-2337 Malicious code in chai-as-aligned (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bfc79b3c746510178bdaa8e79ecf903f3705e61a09a5846e263159301607f91 The package chai-as-aligned was found to contain malicious code...

MAL-2026-1839 Malicious code in react-state-optimizer-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 782cd7f3728f924a764bf54c8c73a27b8170cdf85f11902e6d8d806db39fa172 The package react-state-optimizer-core was found to contain malicious code...

MAL-2026-1656 Malicious code in argonnode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f60d672b9b27685ae096e5891cc64c301004345e38b2a1ecda4e569340c6236 The package argonnode was found to contain malicious code...

MAL-2026-1649 Malicious code in advertising-podlet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bb234dd090695707ab05d6b4726b89a073ae2f517cad9b2fb7069aa58d08360 The package advertising-podlet was found to contain malicious code...

MAL-2026-1921 Malicious code in resolvrtest (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2026-1911 Malicious code in prometheus-quicker-analysis (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2026-1904 Malicious code in loveclose (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in tether-dev-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0d07b28a3afe4c020244ad7d5415342f3d62c4436107a5d764307d102b193ef The package tether-dev-docs was found to contain malicious code. Source: ghsa-malware 57a6db50523e4b656bdec519331a0443d43f1f9ae2dd91e5e1a1ee5ab6cc5ed...

MAL-2026-521 Malicious code in hammer-jquery (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0e80d8bb4c65368f8c47250020a44866a9d32f6182fb7b5f2aed113723d35d8 The package hammer-jquery was found to contain malicious code. Source: ghsa-malware 72eb1b0f96efc21e3317dc341fbe50547a0d31332d3fc8470fc5a6c1c85053be...

MAL-2025-192924 Malicious code in u2f_client (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-192714 Malicious code in bignumberx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 373a71b85072c46f30d8c905a20be254d540302a332c6cae5663cb76e4b8b620 The package bignumberx was found to contain malicious code...

MAL-2025-192539 Malicious code in elf-stats-twinkling-bell-867 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b16e86864b736fb7b1bce367459299eab10179b9a5bf8b5740c0f6c2346974a6 The package elf-stats-twinkling-bell-867 was found to contain malicious code...

EUVD-2025-143633

Malicious code in aaku-lia-tea npm...