234890 matches found
MAL-2025-191559 Malicious code in @gr-common/async (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec1bf5b6b7e2fd480a24ad41a4ab335d9b6abbc762aec4bcc7a15e5529a0e41c The package @gr-common/async was found to contain malicious code...
BackportBench: A Multilingual Benchmark for Automated Backporting of Patches
Many modern software projects evolve rapidly to incorporate new features and security patches. It is important for users to update their dependencies to safer versions, but many still use older, vulnerable package versions because upgrading can be difficult and may break their existing codebase...
EUVD-2025-199933
Malicious code in 7715-permissions-shared npm...
MAL-2025-191492 Malicious code in umap-wasm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92fe0d08b117ec6e7dcd48b13025326c2f427f3251c624867c9f0d398bd2dab8 The package umap-wasm was found to contain malicious code. Source: ghsa-malware a8b9419bdb44fab11a3bade4b4831308972f0fc3acfd3472c362fe672339e8ab Any...
EUVD-2025-199931
Malicious code in umap-wasm npm...
EUVD-2025-199927
Malicious code in babel-plugin-standalone npm...
MAL-2025-191490 Malicious code in com.unity.sharp-zip-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cedde339d72e05699d5f33d7c16779f926f419baded72d7cd78d2610395cc807 The package com.unity.sharp-zip-lib was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199911
Malicious code in liblynxtextra.so npm...
EUVD-2025-199913
Malicious code in eslint-plugin-react-hooks-published npm...
EUVD-2025-199912
Malicious code in chain-selectors npm...
EUVD-2025-199910
Malicious code in vitest-environment-jsdom-patched npm...
Malicious code in x402-legacy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e37b562070e10c7c2cf1ae07233d0e676a9c3808a2425407b709e9d03ab981f8 The package x402-legacy was found to contain malicious code. Source: ghsa-malware e93ea6b10273adfc3bd24ad98240fa9d023af96eb7a7c4a5a2073e881140808f An...
MAL-2025-191485 Malicious code in x402-legacy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e37b562070e10c7c2cf1ae07233d0e676a9c3808a2425407b709e9d03ab981f8 The package x402-legacy was found to contain malicious code. Source: ghsa-malware e93ea6b10273adfc3bd24ad98240fa9d023af96eb7a7c4a5a2073e881140808f An...
EUVD-2025-199908
Malicious code in x402-legacy npm...
MAL-2025-191480 Malicious code in accounts-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07acaccf5cae78ad4bfd5f967e15c5ba68180c1350310492a9065ca97124bf26 The package accounts-base was found to contain malicious code. Source: ghsa-malware cf76e57ba69c401756a0d9279f66fcd197667ce73a011c643099737d08dc306c...
EUVD-2025-199807
Malicious code in bitcoin-lib-js npm...
MAL-2025-191478 Malicious code in bitcoin-lib-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 480dbd7d7ec801a0212ee78ebb73268cd67ba4fb96b06ec563fbafe31aa10531 The package bitcoin-lib-js was found to contain malicious code. Source: ghsa-malware 95f79207062e8c5db317d3487c20f36927b99e9f0b9bfc2551c22a23d10c020f...
Shai-Hulud v2 Spreads From npm to Maven, as Campaign Exposes Thousands of Secrets
The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket Research Team said it identified a Maven Central package named org.mvnpm:posthog-node:4.18.1 that embeds the same two components...
Malicious code in bitcoin-main-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4f6833ddd073b7c036ec32739e3cb826bd1eda9d3c350eed423548f64f047b2 The package bitcoin-main-lib was found to contain malicious code. Source: ghsa-malware 06ed1aa4aa61f36d953368c74cb3daf102b02842a6a27843021b499b033d71...
EUVD-2025-199703
Malicious code in vite-dynachunk npm...