234867 matches found
MAL-2026-1020 Malicious code in @ai-studio-web/app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a29e5e23697b695bdd456d100ba49a1ef5c6f4450b46672dedcd164a073e8eb The package @ai-studio-web/app was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1021 Malicious code in @atg-aml-shared/kyc-domain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 669af5ff086209bd01c2d69a805bb4272ccedbc54a1a1c0ce79b0794dc92daea The package @atg-aml-shared/kyc-domain was found to contain malicious code. Source: ghsa-malware...
Malicious code in js-multer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50fbd8b0061a32bc73c0f643e53d0522b03117bda560c40b279b8cdebe5a1100 The package js-multer was found to contain malicious code. Source: ghsa-malware 330a991375f32abf73368d5d321c5a485cd844db42ccaa02388ebe61bc013376 Any...
Malicious Package
Overview chai-iotype is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
MAL-2026-1016 Malicious code in js-multer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50fbd8b0061a32bc73c0f643e53d0522b03117bda560c40b279b8cdebe5a1100 The package js-multer was found to contain malicious code. Source: ghsa-malware 330a991375f32abf73368d5d321c5a485cd844db42ccaa02388ebe61bc013376 Any...
MAL-2026-1015 Malicious code in es1int-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09abead9af9906c0579f5cce39e4e75fd445a6edaa1a5380db01ad7dd1e274f8 The package es1int-config was found to contain malicious code. Source: ghsa-malware 3eb94b9e72fc93f339c87b961f88c598fb78ecd2d5e4aad405d17c7eb3d513b2...
Malicious code in es1int-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09abead9af9906c0579f5cce39e4e75fd445a6edaa1a5380db01ad7dd1e274f8 The package es1int-config was found to contain malicious code. Source: ghsa-malware 3eb94b9e72fc93f339c87b961f88c598fb78ecd2d5e4aad405d17c7eb3d513b2...
MAL-2026-1006 Malicious code in chai-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27a98b20486f7e7fafdfb30cb31c6f9aaf7d2e05e776a7d59b09dfd9db11e12f The package chai-tools was found to contain malicious code. Source: ghsa-malware cd9e9e8b30b139d7ad4bcef06753d2e9b1896845322a40e0cf0ff862adbcb3d8 Any...
MAL-2026-1011 Malicious code in node-argon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a249253a8bb08b645efdf877fb82287c002a57b8170e4977ac7344831d08ae83 The package node-argon was found to contain malicious code. Source: ghsa-malware 67f9534d5ccdcd0354d6b224d85adad29d2c686924ced68999d9d4dfd99ccd34 Any...
Malicious code in modify-setting (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48505e42b99b10152a5e8587fc88350de886a6ff02ca5b70ada3d90c9a7e980f The package modify-setting was found to contain malicious code. Source: ghsa-malware 3420a3d9050f94ba247ff8853e7a7f98ee33ca16a7beda959c53463992b65c24...
Malicious code in es1int-re1ease (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e956be3193d45095a913fddc50d7cfaa4954268fb94b94c2234ecbdfedf20a9 The package es1int-re1ease was found to contain malicious code. Source: ghsa-malware c78523a62c16466f08157a46028124f655a0bf4e92f9b7f64eef705b40c99086...
Malicious Package
Overview es1int-re1ease is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview ultimates-express is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
CLEANSTART-2026-LM41397 node-tar is a full-featured Tar for Node
Multiple security vulnerabilities affect the npm package. node-tar is a full-featured Tar for Node. See references for individual vulnerability details...
Malicious code in react-markdown-canvas (npm)
Malicious package due to data exfiltration via Discord webhook on install. Collects IP, hostname, and date without consent. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4123db6526d8c37f99fa33e2524edc97922efef6b1605dc0a8acdbf41e76cc77 The package...
Malicious code in secure-monkey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86cd85a74e391ecd4f01e0ca9a2f8db368edc52021d175bb01a957669f2301ba The package secure-monkey was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in react-dropzone-truffle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deb9aafcb06b44346b4a153006bf1230d02f97d4f76ac2797f42a22005658c85 The package react-dropzone-truffle was found to contain malicious code. Source: ghsa-malware...
MAL-2026-986 Malicious code in en-thrift-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f945d24e348a2afdfccd5c12b3b3a25280087db3e659a2de6002fb29347ce6ec The package en-thrift-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in conduit-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7f95b03bc8b7d9992089476c92239b5de48ab75b1d3c1d13e9b231dcc79a52 The package conduit-utils was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-contact-card (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a26177e2527de2d73ffbdd96d1ebe7113d3a9745726b1aa8fc4537813caa889 The package vl-ui-contact-card was found to contain malicious code. Source: ossf-package-analysis...