234856 matches found
Malicious code in revolut-merchant-widget (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be3c58d0da88dbc307fda899df07f7e6badfcba4ccb5f98ce68e1daef3caa8c7 The package revolut-merchant-widget was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1481 Malicious code in revolut-merchant-widget (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be3c58d0da88dbc307fda899df07f7e6badfcba4ccb5f98ce68e1daef3caa8c7 The package revolut-merchant-widget was found to contain malicious code. Source: ghsa-malware...
Malicious code in jalalstealer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18913d1d0805eb9183a23aedfba3cbef762c642f82c079dd24711102fd20951e The package jalalstealer was found to contain malicious code. Source: ghsa-malware d760ddb75dc632737c4e778e0ac4db4522bd8584240834cbefe9bffa1948999c A...
Malicious code in aesdecryptor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ac66c3676fdc79338dd38b32cacdd68d6f86e097c163eb1e8e4bd556de82c69 The package aesdecryptor was found to contain malicious code. Source: ghsa-malware 67de86e4e1b93130bb4f76480f236f202b1f257067eaf1ca02d3c565c2fc8edb A...
MAL-2026-1473 Malicious code in aesdecryptor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ac66c3676fdc79338dd38b32cacdd68d6f86e097c163eb1e8e4bd556de82c69 The package aesdecryptor was found to contain malicious code. Source: ghsa-malware 67de86e4e1b93130bb4f76480f236f202b1f257067eaf1ca02d3c565c2fc8edb A...
MAL-2026-1474 Malicious code in alinet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5b467881e1d3ebf0402af06e37a9431db8eead8b2aed583e62a953e32bd5b4e The package alinet was found to contain malicious code. Source: ghsa-malware 4baa8516c4794b690aab6709c29a53d2aa06731b95e9df071cc4b062d421e026 Any...
EUVD-2026-12107
In Bun before 1.3.5, the default trusted dependencies list aka trust allow list can be spoofed by a non-npm package in the case of a matching name for file, link, git, or github...
Malicious code in n8n-nodes-data-transform (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7eccb194fe010c62cca46772d03416065b0f5439ada0da9ce9b49d09c23d5683 The package n8n-nodes-data-transform was found to contain malicious code. Source: ghsa-malware...
Malicious code in n8n-nodes-json-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48c4e3ce64e72a6b818d69264d998a333db6081ac74c9335a9f33ece5434dbbc The package n8n-nodes-json-helper was found to contain malicious code. Source: ghsa-malware...
Malicious code in n8n-nodes-text-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8561abc8b8800ed722b922924d4f46013117dedc5153d4faa18ecfa7f839106 The package n8n-nodes-text-utils was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1471 Malicious code in n8n-nodes-text-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8561abc8b8800ed722b922924d4f46013117dedc5153d4faa18ecfa7f839106 The package n8n-nodes-text-utils was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1467 Malicious code in n8n-nodes-csv-parse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011372ed1f40a4259802291679f8db573c8435e904c38e02482b4589d16c60c7 The package n8n-nodes-csv-parse was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1470 Malicious code in n8n-nodes-json-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48c4e3ce64e72a6b818d69264d998a333db6081ac74c9335a9f33ece5434dbbc The package n8n-nodes-json-helper was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview hariprasath is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
MAL-2026-1465 Malicious code in hariprasath (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b76de996c85f413b2169be46799cbd7dcd1d32a23eb303d0b17ecccae1b10011 The package hariprasath was found to contain malicious code. Source: ghsa-malware df15d2b2f2032416b2715e63515ca04b9bfeb6129516f9fa92d3a633942d07cc An...
Malicious code in @jaime9008/math-service (npm)
Package classified as malware due to code obfuscation, use of eval for code execution, and a low number of published versions. The file lib/lib.js contains same obfuscated malware dropler as malicious react-refresh-update package, the author is same for both pacakge. --- -= Per source details. Do...
Malicious Package
Overview changelog-logger-utilities is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-1459 Malicious code in changelog-logger-utilities (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7df10f389f394a16d448bc3f80b0b77a100506b76590ef476e6b688e59d62d9f The package changelog-logger-utilities was found to contain malicious code. Source: ghsa-malware...
Malicious code in npm-demo-1112 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 997173ec7aa479e3f57733838a8d8923cd42b2a9b272936ae7798a8f3c7f3699 The package npm-demo-1112 was found to contain malicious code. Source: ghsa-malware dd67ca28466b78c5da65f0a98c71b3e3243c90641b4de5d7ccc3215dbb1a33e4...
MAL-2026-1458 Malicious code in @wealth-common/font (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a56e089d98a2a90a0e20698b8e57be8f14e4999477967cdf1254cff0e51804c The package @wealth-common/font was found to contain malicious code. Source: ghsa-malware...