136740 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
MAL-2026-5287 Malicious code in uhd-setup (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cd16b0b6896b16874da441b7197b846bf0c725dcff0ef2d6e8f93c6cc08fc99 package.json declares scripts.preinstall: node index.js. On npm install, index.js lines 4-5 performs dns.resolve and https.get against...
Malicious code in awaitly-analyze (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b77cddba130960f19c0c0b71b952811cc8dabd41e848d5305497cd16757ba2e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5245 Malicious code in effect-analyzer (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5234 Malicious code in awaitly (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2af5864a1d317bcc70096c02229d56d855d608e28196b1ed98c7884be7a2ab6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5233 Malicious code in autotel-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9012c3503081f1a635cdffe1f65697c6df9181cedcd9e72c01338101f9f8e4c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5237 Malicious code in awaitly-mongo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad946395e22355158fb80d8dd83874ea4b4270c38900399882114d590894a615 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5231 Malicious code in autotel-tanstack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d26623d51a6dce199f16db3cf3c3aecc028dc3fe314f09e49f4d16e4bac0af4e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5260 Malicious code in mountly (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in @ethlete/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5239 Malicious code in awaitly-visualizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in autotel-plugins (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96eb4c86a5765c2e51dfe25f9280eb116088dd6addbf1289f2d0f6b8af236bb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in autotel-mcp-instrumentation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5c64859e391f8cefcdc5dd1b66f0364b7821a5dbc3f1493a5cfb4a168ad6a4cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in executable-stories-formatters (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in eslint-plugin-executable-stories-vitest (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in autotel-audit (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...