136620 matches found
MAL-2026-2200 Malicious code in json-lucide (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12d05056fbe7eca08a66d7297aac2b03763073361f0cb33c238a4463f64a0867 The package json-lucide was found to contain malicious code. Source: ghsa-malware 30298bc83e4bdadd246cfdec7006f865348448a5147e0a8258cd4d4feaf7b27f An...
Malicious code in omaronsec (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ff0bfae46cd199f9de68fa7a40d0f579cd8918783db054a2eb83c8cf047424f The package omaronsec was found to contain malicious code. Source: ghsa-malware 67e67c70590c02b44ced517d12ded441ebcd7e80617a6818d06ad836620910f6 Any...
Malicious code in omicnavigatorwebapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 327bf8baa88f730faf7a3b96a6acc527533ef6b39c5274246cfc00c72d6c30d2 The package omicnavigatorwebapp was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2198 Malicious code in omaronsec (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ff0bfae46cd199f9de68fa7a40d0f579cd8918783db054a2eb83c8cf047424f The package omaronsec was found to contain malicious code. Source: ghsa-malware 67e67c70590c02b44ced517d12ded441ebcd7e80617a6818d06ad836620910f6 Any...
MAL-2026-2195 Malicious code in super-alias (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10ee12ec5ce74c0899ed60e17d1baf7095efc7ab305e51d4fcf20db72306621f The package super-alias was found to contain malicious code. Source: ghsa-malware 2c8c29e0ebca0170c77383154e5c6f2fe5280412fea18d255b496b94ae0aac5f An...
Malicious code in super-alias (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10ee12ec5ce74c0899ed60e17d1baf7095efc7ab305e51d4fcf20db72306621f The package super-alias was found to contain malicious code. Source: ghsa-malware 2c8c29e0ebca0170c77383154e5c6f2fe5280412fea18d255b496b94ae0aac5f An...
MAL-2026-2192 Malicious code in changelog-utils-wrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bec9a644e6b7c6be0e1e95ad8690cf8c19568061865f8e185552431e09fbb38c The package changelog-utils-wrapper was found to contain malicious code. Source: ghsa-malware...
Malicious code in levex-refa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba11828b57921035328d22b68ebf7ecb28dde3cedc4b58f874cf39c14583c5e0 The package levex-refa was found to contain malicious code. Source: ghsa-malware 5ce255ba60f9db881f821e9c9268a5c70e002212b5b0df88b274878592d4696d Any...
MAL-2026-2190 Malicious code in ts-bign (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a068fd0715cfd570ef64c7f6d249383560483880d19fb75a94ac4997a742c70 The package ts-bign was found to contain malicious code. Source: ghsa-malware 6e364f088c15924f92d8290e79ca278120b3d8778345dcad0aad75e821d352e0 Any...
Malicious Package
Overview @shennmine/libsignal-node is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-2168 Malicious code in chai-patch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b7a1b00f9cf8ff93aebfbb318e0f4da8d56a985a1eca3c305142e708dc6fc55 The package chai-patch was found to contain malicious code. Source: ghsa-malware a5b659f5744d677c50cb63bc98f750071b3db390e25b81a553debdff48ffac6a Any...
Malicious Package
Overview @rexxtheproject/elaina-libsignal is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
MAL-2026-2161 Malicious code in path-external (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83954c990d9e7dddb109dea7f9ed24bc8ded6b95da0ed050b43e7486675fc67c The package path-external was found to contain malicious code. Source: ghsa-malware 28650e14b5d9d8ba8bb4df91ca765c3e40d62074928911571fbdbc9af91c4e2d...
MAL-2026-2162 Malicious code in svg-sizer-responsive (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a60820b0fbec756691b147e45ad8157501c307c7864249a6a7b112b5293846e The package svg-sizer-responsive was found to contain malicious code. Source: ghsa-malware...
Malicious code in pino-pretty-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2a9c035f47cbd6beb9e2f47299a689f13823a21eaef04fd6abfa9035dcb120e The package pino-pretty-log was found to contain malicious code. Source: ghsa-malware 5ddd0444ff8834bc42162fb1d88cf6d71f6044c2a636cde204484f654ce6589...
Malicious code in tailwind-animationbasis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 613bfa904c0195c7d59209123554b2be83ed4a0568c174e8b221e22725fec103 The package tailwind-animationbasis was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview @xvortexsockets/baileys is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...
Software Supply Chain Smells: Lightweight Analysis for Secure Dependency Management
Modern software systems heavily rely on third-party dependencies, making software supply chain security a critical concern. We introduce the concept of software supply chain smells as structural indicators that signal potential security risks. We design and evaluate Dirty-Waters, a novel tool for...
MAL-2026-2398 Malicious code in xrpl-hooks-ide (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cba4a53598147b0ea4a05d573906166d018f6026d4b245512f651c235c2bae3 The package xrpl-hooks-ide was found to contain malicious code...
MAL-2026-2397 Malicious code in wraith-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e01edc3106b7a83dd7050b7ade8ef141a38fac23b8829ed8d2f4e1f1402829b The package wraith-module was found to contain malicious code...