136678 matches found
Malicious Package
Overview styled-components-a11y is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior T...
Malicious Package
Overview require-in-package is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The...
Malicious code in @adamallana0909/apple-research-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d8bddd202efdf484dda4f9ff697fb7eab0e1227f76c736d92e6af21a85b89fe The package @adamallana0909/apple-research-test was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1376 Malicious code in @appleseed-apple/ac-sasskit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88124096765095b75d53f5129410a02db9d3966422e222d21b811aa0699ea725 The package @appleseed-apple/ac-sasskit was found to contain malicious code. Source: ossf-package-analysis...
Malicious Package
Overview mezukabil is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview @kinggupong/baileys is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview unibody is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview pcl-build-docroot is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview praxis-scripts is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in pcl-build-docroot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec644efff0c2f83a615a174be4d854af6d4411fec2fd2246ce43b6118f6065fd The package pcl-build-docroot was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1362 Malicious code in praxis-scripts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f147ac7e867b493ef159ddfdd294c57a1bfbbd8e502037178470c37345ca0628 The package praxis-scripts was found to contain malicious code. Source: ghsa-malware 9cf02a0374cd88b4ae46f34a484f0441ea2bfaf3c6799812ea6b4cf4e916cd0c...
Malicious Package
Overview @dappaoffc/baileys-mod is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
MAL-2026-1363 Malicious code in react-svg-anchor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e014ccf1aaf52a0f5ad92a977b2fb987b63be3ae7bdf8fa9b5f8813f68040344 The package react-svg-anchor was found to contain malicious code. Source: ghsa-malware d539493dcc209d4d478ffa4a5893cd5cd01ee1d994700b9492b651c8aeb372...
MAL-2026-1360 Malicious code in npm-doc-build (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e02a5339e3c7017ad72be2bb9ed62f13b6d4aeef3450ada18af95a6203e8e105 The package npm-doc-build was found to contain malicious code. Source: ghsa-malware de3094bb10170209a4225724c5cc0934cbc551bbcf01dd6f6df0205ca158ee6a...
Malicious Package
Overview b2b-common-cb-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview svg-safety-tool is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Contagious Interview: Malware delivered through fake developer job interviews
Microsoft Defender Experts has observed the Contagious Interview campaign, a sophisticated social engineering operation active since at least December 2022. Microsoft continues to detect activity associated with this campaign in recent customer environments, targeting software developers at...
Contagious Interview: Malware delivered through fake developer job interviews
Microsoft Defender Experts has observed the Contagious Interview campaign, a sophisticated social engineering operation active since at least December 2022. Microsoft continues to detect activity associated with this campaign in recent customer environments, targeting software developers at...
Malicious code in mabibilabub (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b5848598772336361b5ae5218b3379ba6b80420c35d0ef05fcfae6d82688a29 The package mabibilabub was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1346 Malicious code in ts-lint-builder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4411e0cabacba0eb0996243c3198a26f74deb52ec249ba39f1b8019fea10136 The package ts-lint-builder was found to contain malicious code. Source: ghsa-malware 0514225155e8ef3ef5350ff238e097dd627e4dd2639974c7cab656ad65d3f6b...