288 matches found
Malicious code in abuden28 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a58dd1a008e23641f5373b4593347947fb72a1a199e2354ffe75c79af4066d98 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in pasirianspirit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60cd922693da1d756dfc573575c5f9630b509a4746aeccedd588426a170d0a18 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in whs4_npm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47695d571fe82fbb4402e8cc7f56c05e1cb21d0bc8089ccbd8fca32f8cf5a57c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6924 Malicious code in solana-address-codec (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e1008cff7bb82464ce9ade3ae5c353e929b7367800b404a038baa8a026c69ae The package name resembles utilities in the Solana ecosystem e.g., @solana/addresses and address codec helpers, which is a common target for typosqua...
MAL-2026-6895 Malicious code in ts-bigtn (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3fe9cda51a9c873f69575fec5aada84c81b0b7e907d060f28d6c6e95dc381911 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @content-editor/common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af120addbb0e18e1202a82729c25dc190dba070fee695cc22bcb91c7eea6ad25 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @anna-money/anna-web-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 51ad1206f707247b245f3a828c780fbe27239f1fa15c8a90782617144669af5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ts-ecro-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86149b041033a917b3b743b9381a14368e79015385b27b89429cf7f6a35d0d30 No suspicious behaviors were identified in this package version. There are no lifecycle hook hazards, no outbound network calls to attacker-controlle...
Malicious code in @mastra/fastify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ba29e7c4e2320b4f5852c18ded92c92021cfbc47d5bf8146b1a93ffa58260c7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in ecto-nightly-spirit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5dea0702101217f4a918a23191023bbd9e7d3b5478028bb0868341a574526e97 On npm install, postinstall.js executes unconditionally and performs three installer-harming actions. 1 It enumerates every key/value pair in...
Malicious code in react-photo-views (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0a47353c6255d7edb625c7ea890545e106900caeae477f0ebff432ae39c53e5 Package name 'react-photo-views' plural impersonates the popular 'react-photo-view' singular component — README badges, downloads URLs, and...
MAL-2026-5371 Malicious code in @doaction/example (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e2df92bb520aefba5bcfa6e3e88b4cbd7da3ea27b121380c17615bcfbab1ade @doaction/[email protected] is a scoped npm package whose package.json self-describes as 'Example package with Datadog environment telemetry for...
MAL-2026-5369 Malicious code in @doaction/auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a625267416db212dbcffcba51a6ac48bd779ccd3760b7ef8f59e6b4905df44e5 package.json declares "preinstall": "node scripts/postinstall.js", which requires '@doaction/shared/bin/postinstall.js'. The package's stated purpose...
MAL-2026-5111 Malicious code in @redhat-cloud-services/chrome (npm)
Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...
Malicious code in foundry-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4918af978c72d6459e02a9d0b1114f54cde7f3973b1cc3f61b497a0575269592 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3739 Malicious code in viem-utils-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f3d1feda8a13ce43d926de9052753f882f9f51f8afa6572c92bb4a5d3ca9412e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3443 Malicious code in @squawk/flight-math (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0595c498e25ed96bb0a13cf8ce777df0977f4c1580aadfddfcb0eaf1ae3d7915 The package @squawk/flight-math was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3275 Malicious code in @kills_sh/bootstrap (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e7f5c26dc70e3f5d44e3fc5b4b94fba66089cf8d0d718fc48c4f85aada6f830 The package @killssh/bootstrap was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3209 Malicious code in apple-internal-security-library-v99 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f44267d5128f9ac2c62938b60bfa45264207a0010c41c97082c72246a3a7a248 The package apple-internal-security-library-v99 was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2656 Malicious code in tailwind-stylecss-typography (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e0f774188361889c2e95f246317a2fece3219b9d9952ff3645e4d108bc525c5 The package tailwind-stylecss-typography was found to contain malicious code. Source: ghsa-malware...