234856 matches found
MAL-2026-1517 Malicious code in filenames-simple (npm)
The package 'filenames-simple' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1426 Malicious code in @3stripes/common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cf6f6a1fb0e79c716386545df6b4a1e4df689bf6b35e741c28150cc3fad072a The package @3stripes/common was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1430 Malicious code in @3stripes/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a35a49fa45b490839a3f7671aed0d41c821f7a2925a015debe9f168e09476451 The package @3stripes/utils was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @3stripes/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3319f763eb66b1fadca0f6bc56787fa08c4ef40209f072ba65dd6cdb628bf66c The package @3stripes/ui was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1429 Malicious code in @3stripes/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3319f763eb66b1fadca0f6bc56787fa08c4ef40209f072ba65dd6cdb628bf66c The package @3stripes/ui was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in tracking-service-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbea868891563a569959fb4cb0283257c07da112b0e854b53431157e0a12af57 The package tracking-service-config was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in native_dep (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf8cbbcc5fef314cdaa3a8b8c2d15e298a0c5f1c444084cc36a8dc36a95b7da1 The package nativedep was found to contain malicious code. Source: ghsa-malware 96b85414b77cb51face1caae1f5ab5ab4ba386fb95ba1c8594ac3ce47a6cb19d Any...
Malicious code in devlino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ab9a10cdd7f1009bc1531da7299dc55e1a8ab63a76e1175becfff1dd629cf0f The package devlino was found to contain malicious code. Source: ghsa-malware e2d2201ff31202f25731c9699e97997f89ed857a82aa98a9feaa0ebe1243c45f Any...
MAL-2026-1421 Malicious code in devlino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ab9a10cdd7f1009bc1531da7299dc55e1a8ab63a76e1175becfff1dd629cf0f The package devlino was found to contain malicious code. Source: ghsa-malware e2d2201ff31202f25731c9699e97997f89ed857a82aa98a9feaa0ebe1243c45f Any...
Malicious code in cw-isdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae10c11f397ea01855bd467e8a77fc7f7ccb97477c54bfee0bae46cd5c324ca4 The package cw-isdk was found to contain malicious code. Source: ghsa-malware 54e686b27022344685c371190035a9586a04498a711c2456bdd9b5644c43c833 Any...
Malicious code in tailwind-mainanimation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64236873269f6da90599a0e0136ce22979e4bbfd8103cf4850e42c1179ae6cb5 The package tailwind-mainanimation was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1419 Malicious code in tailwindcss-style-modify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b0ae66880918a2da3f10a1be7386982be7c7ff76855cf9f401733b92436e1d3 The package tailwindcss-style-modify was found to contain malicious code. Source: ghsa-malware...
Malicious code in twitch.dashboard-v2.core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 637dc1fe27ba94d42da29869618ddc561c6dece34d9b0cbfc0061919e77de510 The package twitch.dashboard-v2.core was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview twitch.dashboard-v2.core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in pulsard-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5088b269cb089b9b077cf5a13f9b00cbb8d01375276ce1e2f1c99fc7154a46be The package pulsard-utils was found to contain malicious code. Source: ghsa-malware ff1030d82dfca7d7403806e0bd8ba645d25cddd141cb5480664a6555f2d441d7...
MAL-2026-1416 Malicious code in twitch-security (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f99261d9b844b178048388c92a488b23fa3bf806bbedbcc40108cb97f0b7087 The package twitch-security was found to contain malicious code. Source: ghsa-malware f46d2713d7df72180db5cb77dcd0cefbbffa8baa5a245e376ab250a84d29fc2...
Malicious code in rrweb-v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2c1a8d89ba0817d9264bc9f6e59c5c1e4c683b98ce32ba7d9bcb3e61f1f016b The package rrweb-v1 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1456 Malicious code in rrweb-v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2c1a8d89ba0817d9264bc9f6e59c5c1e4c683b98ce32ba7d9bcb3e61f1f016b The package rrweb-v1 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in solana-pumpfun-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25b5c167c097f41d490f55b16ad2263c163b7afb898528dafb13a74f513b9181 The package solana-pumpfun-sdk was found to contain malicious code. Source: ghsa-malware...
Malicious code in @dinzid04/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e75cf71f0ce959b1ec335f4481db2cc423250422c02e9bf33d40e12b6f541760 The package @dinzid04/baileys was found to contain malicious code. Source: ghsa-malware...