234569 matches found
MAL-2026-3153 Malicious code in apple-infra-final-escape (npm)
Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...
MAL-2026-3152 Malicious code in apple-coredata-internal-service (npm)
Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...
Malicious code in coinmate-typescript-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbfed1f09c009e285a20b7f2914257795846bf558a735467cb742ab4bc53165b The package coinmate-typescript-client was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3147 Malicious code in coinmate-typescript-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbfed1f09c009e285a20b7f2914257795846bf558a735467cb742ab4bc53165b The package coinmate-typescript-client was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in fivem-monitor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46a604a0acf84f672e7a3235e103f365f9d9f704c96faa12dcb5b9b0a9806004 The package fivem-monitor was found to contain malicious code. Source: ghsa-malware bea91e9a2c853e88f029684fb53cecc15f1960b1ccafb583b1da52a754f9ee4d...
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer aka GrabBot. "The malware disguises itself as a Minecraft hack called 'Slinky,'" Brazil-based cybersecurity company Zeno...
Malicious code in apple-app-store-server-library-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f6b57befbd248b884d81978566bd3d4a57ef499f1eb8f8f66c00dc02e76588c The package apple-app-store-server-library-poc was found to contain malicious code. Source: ghsa-malware...
Malicious code in @w3m-frame/session_update (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a327a8e78038064af56af7f6b1aa21b98a0cee0ed571f5fa53d6187a2b8f9cd1 The package @w3m-frame/sessionupdate was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3122 Malicious code in @w3m-frame/session_update (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a327a8e78038064af56af7f6b1aa21b98a0cee0ed571f5fa53d6187a2b8f9cd1 The package @w3m-frame/sessionupdate was found to contain malicious code. Source: ghsa-malware...
Malicious code in @pyme-web/ui-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6780882125fbf59796027cea605339595d23058e19a6a2a257637f225adb51e8 The package @pyme-web/ui-base was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3108 Malicious code in @activation_code/success (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d00bacff8cfa3ae8a22cfb51c4be0ad025ce42bc29929c07a7eaad6be36c702c The package @activationcode/success was found to contain malicious code. Source: ghsa-malware...
Malicious code in @apple-pay-trust/cancelled (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0c6d2bdfddde00dc6bb5663ffb7fd381c2e392a8c65d6a8890b400c219c160d The package @apple-pay-trust/cancelled was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3117 Malicious code in @business_promocode/cancel_promocode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 002798d60b98859a68bc9daf0ebaf7794b8d83973b69fb4c8bfe9979f685e51d The package @businesspromocode/cancelpromocode was found to contain malicious code. Source: ghsa-malware...
Malicious code in @business_promocode/cancel_promocode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 002798d60b98859a68bc9daf0ebaf7794b8d83973b69fb4c8bfe9979f685e51d The package @businesspromocode/cancelpromocode was found to contain malicious code. Source: ghsa-malware...
Malicious code in @apple-pay-trust/finish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9abd2d210c4a5df0e95f326e80b2e6618647c03ba4158e1d6ffbd36d9f7b800a The package @apple-pay-trust/finish was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3124 Malicious code in apple-internal-dev-check (npm)
Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...
MAL-2026-3081 Malicious code in frank-research-poc-apple (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 216e5eb321826d85c29f23b333d509a469f138b5317a41b818da919bc9bf9c47 The package frank-research-poc-apple was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in frank-research-poc-apple (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 216e5eb321826d85c29f23b333d509a469f138b5317a41b818da919bc9bf9c47 The package frank-research-poc-apple was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @clearpool/streaming (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector febaceb862fd80f68bdcefbbed2667f056ba0b09cc0607d92962dd0d1c2a8b5d The package @clearpool/streaming was found to contain malicious code. Source: ghsa-malware...
Malicious code in @clearpool/table (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79bdf65c3193663ec05f4281e94765c2106a6a5ce8bd9860a4cfcbaab419f0c9 The package @clearpool/table was found to contain malicious code. Source: ghsa-malware 34f072d9880102a7b4495043aa1155a43587246ae13f1974b107df2bbe4760...