234856 matches found
Malicious code in @myisrfn/baileys-mod (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc229f53299b669d5c48d802a9d0a7766546ae0908e4b83ed04c51d34c97e482 The package @myisrfn/baileys-mod was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1450 Malicious code in @myisrfn/baileys-mod (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc229f53299b669d5c48d802a9d0a7766546ae0908e4b83ed04c51d34c97e482 The package @myisrfn/baileys-mod was found to contain malicious code. Source: ghsa-malware...
Malicious code in @sheniraid/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec58e185ed8a16337c255a734dd403cfc5efd957a33d7a0f978e91721a69c8f5 The package @sheniraid/baileys was found to contain malicious code. Source: ghsa-malware...
Malicious code in big-numben (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61c77ff6fcfee6f58a1a8a5a268bb6db596b9059b965e3bcfd58a88a197179e7 The package big-numben was found to contain malicious code. Source: ghsa-malware ae2b54e5805771f2bde8a32bc288306dc173a176a009f4309baf89672a9827fb Any...
MAL-2026-1441 Malicious code in big-numben (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 61c77ff6fcfee6f58a1a8a5a268bb6db596b9059b965e3bcfd58a88a197179e7 The package big-numben was found to contain malicious code. Source: ghsa-malware ae2b54e5805771f2bde8a32bc288306dc173a176a009f4309baf89672a9827fb Any...
MAL-2026-1443 Malicious code in es-lint-builder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cb77bc53967094108e0dec0e00ddd13bef1d74b3482d959c28c4fc13753cd49 The package es-lint-builder was found to contain malicious code. Source: ghsa-malware e4f62649e3a09df9cabfd19d23538447b0d8762de9506c23c5b27c4a6882967...
Malicious code in graphql-request-dom (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12e85257ce18204d98a8a6181fa40a75d7feb91477b98f6b86ba89223a9f4e51 The package graphql-request-dom was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview bignumber-tool.js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-1444 Malicious code in graphql-request-dom (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12e85257ce18204d98a8a6181fa40a75d7feb91477b98f6b86ba89223a9f4e51 The package graphql-request-dom was found to contain malicious code. Source: ghsa-malware...
Malicious code in bignumber-tool.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81863c7d661d7e537eb4cafb3e74ae83b61483b4617c03f6a4283d34ce651102 The package bignumber-tool.js was found to contain malicious code. Source: ghsa-malware...
Malicious code in testpoc01 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6659b3a51b9c0a2a51085f5c9671114871ac5dfccc6917f74afdd6172aa0e9dc The package testpoc01 was found to contain malicious code. Source: ghsa-malware 317141d91ff4f1ed0410aab99492b3788e3951ef5a06d3fd1b83cec8d2745375 Any...
Malicious code in omhcsilence-bails (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f5390575abcab0cfc57edaae4aa14d27eab897c1639fab8a502fcda0760adc3 The package omhcsilence-bails was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview omhcsilence-bails is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-1449 Malicious code in vtimmmmmm-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f98c647bcb6a277d8ef94407b1287e79a9840e0956aa955ff01ea19778219c7 The package vtimmmmmm-test was found to contain malicious code. Source: ghsa-malware 7f04d92a8262ba75c225fb58633a5dfbe7c1d4a750b88f634dde448a81e13b63...
Malicious code in nest-moralis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7568b91354492a39b40ca156221b4a94c94808517fbf09ae48954ba5da0febfd The package nest-moralis was found to contain malicious code. Source: ghsa-malware f5ebd5810f65b46e709e5d8a09a1b3a421a0aac599af1ef51e8bb433afddba48 A...
Malicious Package
Overview spectral-corsair-navigator is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in typescript-react-query (npm)
The package 'typescript-react-query' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in transform-remove-debugger (npm)
The package 'transform-remove-debugger' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in transform-proto-to-assign (npm)
The package 'transform-proto-to-assign' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in syntax-function-bind (npm)
The package 'syntax-function-bind' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...