Malicious code in monade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32631bc0128011d7e526d2665460d2e4562c2d50602e38218e2ad3078635726a [email protected] advertises itself as a JavaScript monad/flow utility library cjs/index.js exports flow, of, opt, ka, dev, yet ships a 976KB UPX-packed...

MAL-2026-4613 Malicious code in monade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32631bc0128011d7e526d2665460d2e4562c2d50602e38218e2ad3078635726a [email protected] advertises itself as a JavaScript monad/flow utility library cjs/index.js exports flow, of, opt, ka, dev, yet ships a 976KB UPX-packed...

MAL-2026-4713 Malicious code in wdb-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ddd306d024c4dd394d19c1adb610389f239fa619d25fff4f75b857a678da0ee package.json declares "preinstall": "./vendor/setup", which on every npm install invokes a 976568-byte Linux x86 ELF binary shipped inside the packag...

Malicious code in cwao-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 821b56cf14d7125df010804baf204325703e58d8f238fc0f219bf82652d99f31 package.json declares "preinstall": "./scripts/postbuild", and scripts/postbuild is a 976,568-byte stripped Linux x86 ELF sha256 36abd242…. The packa...

Malicious code in testnpmnmp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e82942b1fcdaed1a1085ad9590ef93704e276c5c5ca1622884abac014f03980f package.json declares "preinstall": "./scripts/postbuild", where scripts/postbuild is a 976,568-byte unsigned, unhashed, unversioned Linux ELF...

MAL-2026-4691 Malicious code in testnpmnmp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e82942b1fcdaed1a1085ad9590ef93704e276c5c5ca1622884abac014f03980f package.json declares "preinstall": "./scripts/postbuild", where scripts/postbuild is a 976,568-byte unsigned, unhashed, unversioned Linux ELF...

MAL-2026-4544 Malicious code in cwao (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f48b0fefe9d99bcebeaa878f5bb2ca40df917b40785d6b5b8a31cf6e70a44970 package.json declares "preinstall": "./vendor/setup", which directly executes a 976,568-byte packed Linux x86 ELF binary shipped in the tarball. The...

MAL-2026-4689 Malicious code in test-ajs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 851b521e3dde5ea11478cd37cc4bf8da2f0a0ca1864d6c39fa27fd02ef0f9308 test-ajs advertises a 2KB React/Recoil helper dist/cjs/index.js, 2169 bytes, exporting Roid/inject glue over react+recoil but ships a 976KB Linux ELF...

MAL-2026-4721 Malicious code in weavedb-node-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d174728fc7469b023ece1980797185c35abd74c56e253bc1dc1b295a46a1dbd2 package.json declares "preinstall": "./tools/setup", unconditionally executing a 976KB UPX-packed, stripped Linux x86 ELF on every npm install. The...

CVE-2026-43828

Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected...

Malicious Package

Overview wm-plugin-native-functions-restorer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization an...

Malicious code in cxpher-linux-arm32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd6c14d2899b638880b25bf1c35973ed1c9cf6fcb99331447e3da7c2478124c7 The package's main is an ARM ELF binary that, when loaded, mkdtemp's a working directory under /dev/shm/.cxpher.XXXXXX or /tmp/.cxpher.XXXXXX, writes...

MAL-2026-4763 Malicious code in pulumi-vcd (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08bbc8be2cfa9a85473b0287e3c327b16c3f9e15886869bd9e2188a323448fd9 Package pulumivcd is published with metadata mimicking an official Pulumi SDK Homepage https://www.pulumi.com, tfgen-style auto-generated bindings bu...

Nucleus Security vs Hive Pro: CTEM Comparison

Choosing between Nucleus Security vs Hive Pro is really a decision about how your security team wants to run exposure management: as an aggregation and workflow layer over existing tools, or as a broader CTEM platform that combines aggregation, native discovery, threat intelligence, validation, a...

CVE-2026-48207 Apache Fory: PyFory ReduceSerializer Incomplete Policy Enforcement

Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resolution. An application is vulnerable if it deserializes attacker-controlled data using PyFory...

MAL-2026-4448 Malicious code in @tailwind-core/oxide-linux-x64-gnu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a107a0746f2f5159d661e4d332eac53f871b9d22f80caf5863bdd713e252ae00 The package name '@tailwind-core/oxide-linux-x64-gnu' impersonates the legitimate Tailwind CSS v4 oxide engine package...

Malicious Package

Overview @doctolib-apps/native-personalized-services is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

MAL-2026-4186 Malicious code in @doctolib-apps/native-personalized-services (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac2da4b8de2ea081f8fe7b84ef6182ab363616dc0515aaa03368bcba4a4b8e76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @rspack-debug/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c05c92aa1796614da12b282390f160fef2a5c63aba9a3257af956c19df341ce5 Package @rspack-debug/[email protected] impersonates the popular @rspack/core bundler. The README, description 'Fast Rust-based bundler for the web with a...

MAL-2026-4428 Malicious code in @rspack-debug/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c05c92aa1796614da12b282390f160fef2a5c63aba9a3257af956c19df341ce5 Package @rspack-debug/[email protected] impersonates the popular @rspack/core bundler. The README, description 'Fast Rust-based bundler for the web with a...