136589 matches found
Malicious Package
Overview internalinsightsenabled is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...
Malicious Package
Overview cktool.config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview apple-internal-security-poc-frank is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
Malicious Package
Overview cktool.core.internal is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in apple-internal-security-poc-frank (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10f171ab8af350f288bde3dca0a4c5741b840ed376b0022602322fd7b8b6341f The package apple-internal-security-poc-frank was found to contain malicious code. Source: ghsa-malware...
Malicious code in apple-auth-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f287635d5bb4ba311de3a315d8b730e159dd7dee46e68896e94f07d1b4d91860 The package apple-auth-internal was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview pgserve is an Embedded PostgreSQL server with true concurrent connections - zero config, auto-provision databases Affected versions of this package are vulnerable to Embedded Malicious Code that injects a credential-harvesting script that runs via postinstall on every npm install. It...
Malicious code in bmg-web-features (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95e385a0f1c1bcc075d39332c519b28aebc80cd8474cbc78baff5ce19661b85f The package bmg-web-features was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2953 Malicious code in bmg-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26777925b4f8e199b125a969ad8c6f4e0ff672b87613b22ce2b67fe461ba218e The package bmg-web was found to contain malicious code. Source: ossf-package-analysis 27618387221affefb03509d50b0545c22b6d18574bc71aa6f218350ca5f152...
MAL-2026-2955 Malicious code in megabank-worklist (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f0a379223d486978f097d6f97b1d3a1fd307bb725be56c7baa2bc8ff72d297 The package megabank-worklist was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in internal_insights_enabled (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b767ca0c2e6450230a1b4d2bfa3f974fc6e9cac87198adb5c3084ea5f6dcd5f7 The package internalinsightsenabled was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2959 Malicious code in internal_insights_enabled (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b767ca0c2e6450230a1b4d2bfa3f974fc6e9cac87198adb5c3084ea5f6dcd5f7 The package internalinsightsenabled was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2951 Malicious code in hifromhere1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82931dc7313b2b9b93b8664655cbe445702e0fdcf1cc7e587b27758d2ef9cda1 The package hifromhere1 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in tailwind-text-fill (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fe1d70f1253bacbb57d827b49a08cede06a039323a86af19cebaa08cefe2cbdd The package tailwind-text-fill was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview tailwindthml-flips is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Supply Chain Compromise Impacts Axios Node Package Manager
The Cybersecurity and Infrastructure Security Agency CISA is releasing this alert to provide guidance in response to the software supply chain compromise of the Axios node package manager npm.1 Axios is an HTTP client for JavaScript that developers commonly use in Node.js and browser environments...
MAL-2026-2938 Malicious code in bignum-ts-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9302a5bb5d61b77b3bb20e1bc630cfc2ef2411f09200b10b9b3bdf3afbb21d11 The package bignum-ts-v2 was found to contain malicious code. Source: ghsa-malware cbe2f3378d63ab27729cde1a688d110842d5efda3b4e1e88c2eacf54161b4f0f A...
MAL-2026-2935 Malicious code in @tushar-br/desktop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c25eb4a54e706177aecf51b4124524e6e7d0534b02d9b8e6970169a9df8189ef The package @tushar-br/desktop was found to contain malicious code. Source: ghsa-malware...
Malicious code in krdfonts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a15ce04475542747dedb873a3b01d84d049ca808da879da611089e66db7e434e The package krdfonts was found to contain malicious code. Source: ghsa-malware 4e5c97aa939f62290759af39ce8ffae53746a8b7e48e2f72e8972573fede14b6 Any...
MAL-2026-2940 Malicious code in mailcraftjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27f66d32585597a7eeaa611a0c5f0fd20ee5a035d98d00ace5c0a333ae36b5be The package mailcraftjs was found to contain malicious code. Source: ghsa-malware bc9eb14094700cd30fbd04c4f4b7e75c8971e1ceb5442320dba55befe0fdccb7 An...