234825 matches found
Malicious code in upstartadmindashboard- (npm)
The package is a malware. It exfiltrates system info to a hardcoded domain, collects sensitive data, and executes suspicious commands. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0760e39fa3fc4d272de9fb78decddc3a25ae673efe12e9bff4e8d9f28ee5c55 The package...
Malicious code in upstartloans (npm)
Collects and exfiltrates sensitive data credentials, keys, history to p1s.uk with disabled SSL validation. Suspicious postinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a1d5c610e0cc5ec6be53b8d0d986d5ddef30937d04c977998db4c2d4b0be908 The package...
MAL-2026-2619 Malicious code in upstartloans (npm)
Collects and exfiltrates sensitive data credentials, keys, history to p1s.uk with disabled SSL validation. Suspicious postinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a1d5c610e0cc5ec6be53b8d0d986d5ddef30937d04c977998db4c2d4b0be908 The package...
MAL-2026-2611 Malicious code in upstart-lending-status (npm)
Package is malware. It steals credentials, collects system info, and exfiltrates data to a remote server via postinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 627a2802a53ad7eb751fcac4b0a43245c6b0bf9e667db77051758b24d8bc4d96 The package...
Malicious code in upstartapplicationstatus (npm)
Package is malware. Collects and exfiltrates sensitive info SSH keys, credentials, env vars via insecure HTTPS/HTTP after install. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e154270d6b3540f095f5fc77ab1167448e967009cbb719f6fc087c32fadce15f The package...
MAL-2026-2616 Malicious code in upstartapplicationstatus (npm)
Package is malware. Collects and exfiltrates sensitive info SSH keys, credentials, env vars via insecure HTTPS/HTTP after install. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e154270d6b3540f095f5fc77ab1167448e967009cbb719f6fc087c32fadce15f The package...
MAL-2026-2614 Malicious code in upstart.previewcss (npm)
Package is malware. It collects and exfiltrates sensitive data SSH keys, credentials, environment variables and system info to a remote server. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd2d5c329f24c54ca68ce21884867d6b4db6ae64d0e2041af60deb2203cc8830 The...
MAL-2026-2654 Malicious code in pinstatsd (npm)
Package is malware due to data exfiltration to multiple domains via DNS and HTTPS, along with a suspicious preinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b13ae52dde0a4efddd6d12bc4795b77da5433cb750b4ddb852f1aca27ea457e The package pinstatsd w...
MAL-2026-2564 Malicious code in gp-auth-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a24cae80696867d7d7b835ee70e1ef1e85373092f31cd93e2a35508ae3d2afb3 The package gp-auth-lib was found to contain malicious code. Source: ghsa-malware 73c001ebe2675cd78ef852bc2e78ff6fb837fd64b9b490dbea61c4ff1ca6d146 An...
Malicious code in ts-schema-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa35c0f1b632f24027499340dfbe35df1f1d57bed2a5ad8327d688a7b23507a3 The package ts-schema-helpers was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in unisys-uka (npm)
Package is malware. Collects sensitive info, reads files, executes commands, and exfiltrates data to a remote server via postinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25745bb1be4d673e8e465091f55bfdad6ad5cd5740583fd9a9f38fd7dd3e5d57 The...
MAL-2026-2876 Malicious code in unisys-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f0369680ea400c89b8ab01dfc75f7a7df45c8a26bfc5631a636770ccf32c9ed The package unisys-common was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in unisys-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c759e3a9b4c256239f0ec3be5b97424efc8191d317d82feb632b84e77d6c46eb The package unisys-core was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2875 Malicious code in unisys-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89bc257f69dca8cec54b15b47533c97f9b6b47f16aae5f2dc868ff7faaf0c93b The package unisys-auth was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2869 Malicious code in arlo-meeting-assistant-rtms (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f5f17c482aef8ac270cf630fe452dacc79acbeb0b473ffd0ac640769e1a0fb6 The package arlo-meeting-assistant-rtms was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in arlo-meeting-assistant-backend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 842ae675e3d076ecc89e2697ee378f503945bae268487584277cd92a93ec44fe The package arlo-meeting-assistant-backend was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @b2b-portal/uch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89eb419e1f7beb102007973e2d226cb2cb5f534096cbc2be8dc538324f3f19db The package @b2b-portal/uch was found to contain malicious code. Source: ghsa-malware e559f0d2d934ad98bda8c11ca6613644ecf3f2584bee7e75c7edf59ecda35d3...
MAL-2026-2560 Malicious code in @b2b-portal/uch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89eb419e1f7beb102007973e2d226cb2cb5f534096cbc2be8dc538324f3f19db The package @b2b-portal/uch was found to contain malicious code. Source: ghsa-malware e559f0d2d934ad98bda8c11ca6613644ecf3f2584bee7e75c7edf59ecda35d3...
MAL-2026-2872 Malicious code in ts-form-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f2ff1bf87164fdeb2ca9c37d578f7156164a344ffd11bcdb84ce34880358fea The package ts-form-helpers was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in paysafe-venmo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fce8d34aa19e18a627c71bd9fd4d16246319ca05abafd983708a534663a573f The package paysafe-venmo was found to contain malicious code. Source: ghsa-malware 678a8d684fa9e6f72f98c45d404c3e749491bd582d4b78ddc4bc3d020ae3c172...