136678 matches found
Malicious code in minify-replace (npm)
The package 'minify-replace' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...
Malicious code in transform-export-extensions (npm)
The package 'transform-export-extensions' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in pear-wrk-wdk (npm)
The package 'pear-wrk-wdk' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...
Malicious code in transform-json-strings (npm)
The package 'transform-json-strings' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1545 Malicious code in dazaar-cli (npm)
The package 'dazaar-cli' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...
MAL-2026-1522 Malicious code in minify-mangle-names (npm)
The package 'minify-mangle-names' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in @3stripes/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3319f763eb66b1fadca0f6bc56787fa08c4ef40209f072ba65dd6cdb628bf66c The package @3stripes/ui was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in tracking-service-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbea868891563a569959fb4cb0283257c07da112b0e854b53431157e0a12af57 The package tracking-service-config was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in native_dep (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf8cbbcc5fef314cdaa3a8b8c2d15e298a0c5f1c444084cc36a8dc36a95b7da1 The package nativedep was found to contain malicious code. Source: ghsa-malware 96b85414b77cb51face1caae1f5ab5ab4ba386fb95ba1c8594ac3ce47a6cb19d Any...
Malicious code in devlino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ab9a10cdd7f1009bc1531da7299dc55e1a8ab63a76e1175becfff1dd629cf0f The package devlino was found to contain malicious code. Source: ghsa-malware e2d2201ff31202f25731c9699e97997f89ed857a82aa98a9feaa0ebe1243c45f Any...
Malicious code in cw-isdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae10c11f397ea01855bd467e8a77fc7f7ccb97477c54bfee0bae46cd5c324ca4 The package cw-isdk was found to contain malicious code. Source: ghsa-malware 54e686b27022344685c371190035a9586a04498a711c2456bdd9b5644c43c833 Any...
MAL-2026-1419 Malicious code in tailwindcss-style-modify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b0ae66880918a2da3f10a1be7386982be7c7ff76855cf9f401733b92436e1d3 The package tailwindcss-style-modify was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview twitch.dashboard-v2.core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-1456 Malicious code in rrweb-v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2c1a8d89ba0817d9264bc9f6e59c5c1e4c683b98ce32ba7d9bcb3e61f1f016b The package rrweb-v1 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1387 Malicious code in tahoe-tap (npm)
Malicious package detected. Executes code during installation via preinstall script in package.json and has only one version published. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deec4b3e879632ae9819b52e88ae689725b1af688aecd541e498d2bac084f848 The package...
MAL-2026-1379 Malicious code in 8x8-developer-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 830ce990639483b2f7a9ea4e000d63c831e0d58c94e718a1a20add6885cb93ef The package 8x8-developer-docs was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1377 Malicious code in adroit-websdk-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2635788b71e7d2d9a220ca0717bb46d6704bb205393b2f479105c20d9f94735e The package adroit-websdk-server was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in cline (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38d7531f4d4af07fee607e1d2985d0ea5b41dbf28cca5bc16c8457934e372f86 The package cline was found to contain malicious code. Source: google-open-source-security...
Malicious Package
Overview syntax-async-generators is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior...
Malicious Package
Overview proposal-typescript is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The...