745 matches found
Malicious code in ishowfeet15 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34a7b03a8ca0b677deda412c60e728b69b4823084f139fae2af7feaaf8aa5207 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden24 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb51631494082c47eae9693ef57def77cbb5e4ecef742b0e1cf5ac6f41b4573f The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in backupsitetuff6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector daf0f0345d3aed2a0b5f8f145161679e6ebf492603ce2e99d586903f5b8044c9 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nodemon-patch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15ac606888cb1a54710bafa78dc76d760bef1088bb5e2cc0f0323614341345e5 The package is named nodemon-patch but its package.json metadata homepage https://nodemon.io, author Remy Sharp / github.com/remy, repository, fundin...
Malicious code in whs4_nmp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53a1fc3c42fcd64070dd50db1ed23a9f238bd10fea9bba087cb605f7419af28c The package's postinstall script runs node index.js on install, which invokes reportLoadedFrom to POST installer-side data to a hardcoded Discord...
MAL-2026-6930 Malicious code in annotator-harvardx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e60352f3188693c150a75a0c785e9398fd12270a4cd481c3bcb411993beffbbd The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6920 Malicious code in crypto-base58 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7da752b2532b67e824f8904ffce7618b074a6a58746099b36b4ee547d936c8d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6899 Malicious code in twcompose-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 096d151917a14021013de8dbd595466944a677be49ee8ca4b3ed94de63d85cd9 The package's main entry point src/index.js contains heavily obfuscated JavaScript at line 138 using a classic string-array shuffle pattern while!!...
MAL-2026-6879 Malicious code in sol-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea6f550ff0944a5125136900111863f7ec99ea46c3f2472181c87ed2b8ce8c57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6875 Malicious code in secure-box (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fac79042697157915144f205c342b79f8a019218c45580224a85c045c03fea9 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in npm-doc-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd9478699eb0ff355280d938bef68818018c0c5cb579b3c144f6c0e134dfad1b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6807 Malicious code in bootstrap-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9ac4913fc1ffcabe1ed6637abc6d532abc014683f48b341ece6127a51da15d8 The package's index.js is heavily obfuscated with classic string-array shuffling patterns e.g., while!! loops with repeated 'shift' calls and...
MAL-2026-6747 Malicious code in web-api-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ca2f8dce9e845346901818eadd06a0cda318c99ac3e059cd076d9f4065e2c17 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6742 Malicious code in alder_morrgan (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96468d16380fb68b99823735be418b7393216e068ce91f6aa31f2e1305d9d4d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6606 Malicious code in @concerns/i18n (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b727ee2cbb3fadb59ee0ec7febb6db24f25e775ee3957c6765800a61de44289f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @contenteditor-shared/content-editor-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9fc086285355b04152703d1c9de2c2a48e3b70580c5f8cb02fa60918e52f47a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6611 Malicious code in @cxp-shared/string-utilities (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2cd735ed6a2711ca0dfcb8cb4fee948afe5e923d6b56743b3fd7ee922bd8d14 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6628 Malicious code in @img-hls/vtt.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad530c5830e0148f1b5b34ac28336c1b1468d5a11ffa2ff265368e13199cceb4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6410 Malicious code in @su-doughnym/react-dlb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2269beae8c30caccda966ca3aba35c3eddb4795fba0161045f14758ff150f58b Package self-identifies as a dependency-confusion bug-bounty proof-of-concept and is published at version 99.99.99 to win resolution priority over an...
MAL-2026-6336 Malicious code in sync-external (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc297a0deaba794fdbfccc280a79c7cc895f21fc4e0122b1fba1bc4759b66c3f The package ships an obfuscated JavaScript file at shim/index.js using hex-style identifier mangling 0x391f3f, 0x3eff0a, 0x534564, etc. characteristi...