136678 matches found
Malicious code in react-markdown-canvas (npm)
Malicious package due to data exfiltration via Discord webhook on install. Collects IP, hostname, and date without consent. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4123db6526d8c37f99fa33e2524edc97922efef6b1605dc0a8acdbf41e76cc77 The package...
Malicious code in secure-monkey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86cd85a74e391ecd4f01e0ca9a2f8db368edc52021d175bb01a957669f2301ba The package secure-monkey was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in react-dropzone-truffle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deb9aafcb06b44346b4a153006bf1230d02f97d4f76ac2797f42a22005658c85 The package react-dropzone-truffle was found to contain malicious code. Source: ghsa-malware...
MAL-2026-986 Malicious code in en-thrift-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f945d24e348a2afdfccd5c12b3b3a25280087db3e659a2de6002fb29347ce6ec The package en-thrift-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in vl-ui-contact-card (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a26177e2527de2d73ffbdd96d1ebe7113d3a9745726b1aa8fc4537813caa889 The package vl-ui-contact-card was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in vl-ui-breadcrumb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81c270ce4308a58eda8d509b95c7598472480a53a99953d598e400e85440f563 The package vl-ui-breadcrumb was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-993 Malicious code in vl-ui-checkbox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b636f4789648035c4ee34537313e51b2e4ba39f2f4ea19b6d8744f61a12bce3 The package vl-ui-checkbox was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-989 Malicious code in vl-ui-alert (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4b178c0c090ebb69682438481586f4d0c78dbcd8938f14ce595469fe3796916 The package vl-ui-alert was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in the-storyverse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2885a4f6fa566cedcd5c365fe4435186a31ed8913af26f8a06bbee3d760e66cb The package the-storyverse was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-967 Malicious code in parse-compat (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f14189ba3007a51617df87911f83c0c765d38bf6abe23b5aecbbe60cd8646c0a The package parse-compat was found to contain malicious code. Source: ghsa-malware 90a657719347c80f56dab387dd9beb25be7af98e9580382365a65feb0fd53243 A...
Malicious Package
Overview parse-compat is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in parse-compat (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f14189ba3007a51617df87911f83c0c765d38bf6abe23b5aecbbe60cd8646c0a The package parse-compat was found to contain malicious code. Source: ghsa-malware 90a657719347c80f56dab387dd9beb25be7af98e9580382365a65feb0fd53243 A...
Malicious code in uudi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdb12754a69bd912f7d51fb243c65d7c681cc0e15a17b561e0a491dd49dbb095 The package uudi was found to contain malicious code. Source: ghsa-malware f7b138cbc39567b6578a6cd48c9b8c7384a2bf7623d0d4542c9e37a1960b329b Any...
MAL-2026-969 Malicious code in scan-store (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b30789e67692889309fe10b2d66e73649dfffbf9644ad1d11175b74334e5473c The package scan-store was found to contain malicious code. Source: ghsa-malware ebbe0d7aca9839086433d668a6b236303aa5f4c8be102ffbb7ffc9a8d73ad79c Any...
MAL-2026-963 Malicious code in locale-loader-pro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cfe4223d443a4180a9c6113449817f38d1d72fcd6f2f4cb42525dcb391c82b5 The package locale-loader-pro was found to contain malicious code. Source: ghsa-malware...
MAL-2026-974 Malicious code in yarsg (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c2ed8a6379e9f5833efbabb80221cc55ce3456a95d14c77ede9ab581bd8f577 The package yarsg was found to contain malicious code. Source: ghsa-malware 71a7932af2640f624c7daef39143653ecaa9d843bda52f61c22687210fc9961d Any...
Malicious code in format-defaults (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f00cab7061e49ab4c27f149d8944dbf016be470f0a6380b58d1432ce3c5dfd04 The package format-defaults was found to contain malicious code. Source: ghsa-malware 90aea488bdca1dafac7912501be1bdfb01e2304e4a110715802f98994f2c712...
Malicious Package
Overview hardhta is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
MAL-2026-970 Malicious code in secp256 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5474e89cc8b0f2d2e5c37d3a2bad92455e82535d614d82fb0ff96979ba1ac2d3 The package secp256 was found to contain malicious code. Source: ghsa-malware 12775af1dc40ed0560ed3a8265ad9a1c9a122b3860a9f081e190b2ad8f30ba5d Any...
MAL-2026-960 Malicious code in hardhta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc27417b62c3ad399e369577764608120ee2b3662367f1d51bf5fb8378560bcf The package hardhta was found to contain malicious code. Source: ghsa-malware e4174e96a92d9c0d7bbe499ed40d2e4cab9635c61471a1602fd117d8115e2d38 Any...