1333 matches found
MAL-2026-6687 Malicious code in procwire (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011cf28d546459d946b1ed6d92c3beb4cb7c5322d6a9370d52fcd40e9a81ac2f On Windows, installing [email protected] automatically downloads and executes an attacker-controlled executable. The package.json preinstall script runs...
MAL-2026-6635 Malicious code in @orbis-lr-sdk/orbis-lr-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 447ee314f32023031250cefe4570378f31d8055a02384eccecb5c288ae6e2405 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6669 Malicious code in pvd3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c992d4bd87c36aa389d168c263ca0b89c04b425b0483217ae1098a0c2f3ee10 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5384 Malicious code in enquriers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c7f041bb6800c0c765683543b18f204299e64265c3d9124c54f7f0169b53348 Package name 'enquriers' closely resembles the widely-used 'enquirer' package transposed/added characters, suggesting potential name-confusion risk. ...
Malicious code in void-ulid (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17c8bf4c8a22f2c86dcf8af482d28d5fccfc1d5971289e4f06afedc17c0585a9 void-ulid impersonates the legitimate ulid/ulidx ULID generator its package.json reuses the upstream github.com/ulid/javascript repo URL but ships a...
Malicious Package
Overview nottuff18 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...
MAL-2026-4789 Malicious code in ggk-happy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d747cc7acd8bbc1defbf475aa3202fd332fd43135a6fedddfcc37356ce02eb54 Package presents itself as the legitimate slopus/happy CLI README instructs npm install -g happy; homepage, repository, bugs, and author fields all...
Malicious code in itc-actors-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22687e1f7601dde1753d3775925d62d040892631394937e56e9b9fba74fb85c6 The package contains callback.js which collects host identifiers and user information os.hostname, os.userInfo, os.platform, cwd and transmits them v...
MAL-2026-2904 Malicious code in trackora-node (npm)
trackora-node is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...
Malicious code in fadlsjf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7851237c54cc21d98214fdd4c10550fb6665672f78c6f685de666e25f116c54f The package fadlsjf was found to contain malicious code. Source: ghsa-malware 84c2aa35dc6cdbc9581e9c90d31fc8048bf73c56102725c533f82882b2aa3422 Any...
Malicious code in @kinggupong/libsignal-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c19c128fca5c3aacdbc42a4005ff6e5fac66da9fb811bf98788503f6dfd00eb The package @kinggupong/libsignal-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in pear-apps-lib-feedback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 331d2742dee8271e5d493e475aab23ee3f05adc5e02888d87127d189883cc50c The package pear-apps-lib-feedback was found to contain malicious code. Source: ghsa-malware...
Malicious code in internallib_v157 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d07f4a0d2270cdcb827bb50e9f546d7c4ab3b07ede66343b90478831a731b83 The package internallibv157 was found to contain malicious code. Source: ghsa-malware 2a4eddb6af3191b7183a9223407a3a1b9fb4e1b4e96da5ee15af1ae2f0515ac...
Malicious code in react-sdkk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5be5e5cc941dec9a36d78d9de45e31cd604e0efacd37d1b78b62e452689b2cb7 The package react-sdkk was found to contain malicious code. Source: ghsa-malware 60e38e54e0f061a0da679900787b26c8949e350345b5ae5e12688321574bd4c7 Any...
Malicious code in mongooose_updated (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f397bd93c8a607a5fb7cb6c4da24be0ed65157020f40d778f66f4bb8f0c6237b The package mongoooseupdated was found to contain malicious code. Source: ghsa-malware c02f092aac581da5247eba7163d5bcbb065ed41865e8eeb464ea1fedd8a4d6...
Malicious code in ern-picking2-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cdd28d37200aac1cd5fc446acddca1c77227c48fbccf070f31a765422439184 The package ern-picking2-api was found to contain malicious code. Source: ghsa-malware 6d206018d9dd4cfb8e95bc0197ea0db4d442ee3b16f5209a2b452bc203dc8d...
Malicious code in equimper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 174afe3f7c17abcec63d8bfa72500c726f7e7cc7a5b9f726c387f5e9c5399287 The package equimper was found to contain malicious code. Source: ghsa-malware 239809818f810ae94c81e006270640279952fcd3123a3e4da631e6810f4ed4de Any...
Malicious code in ts-tweetnacl-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8035e1fe9ea296c85e726e0afad93eacff3199c25542e19153f914cc63251c12 The package ts-tweetnacl-utils was found to contain malicious code. Source: ghsa-malware...
MAL-2025-192978 Malicious code in tailwindcss-typography-style (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f2e4636e4f08bc04591afc5b27fce2e03dea82a9883b2dc8092a6f23fa6f55d The package tailwindcss-typography-style was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-200747
Malicious code in elf-stats-nutmeg-chimney-245 npm...