252517 matches found
Malicious Package
Overview int-node is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious code in jsonlogbundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af7e3df4204ea4db553819eb10281c596a2eae07343d8143e3ef63b708881dce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview jsonlogbundler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-4798 Malicious code in jsonlogbundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af7e3df4204ea4db553819eb10281c596a2eae07343d8143e3ef63b708881dce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4796 Malicious code in fastjsonlog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c215826041044ae60befaac2d8d5cb29653cb12091b5803ed0a7cf8fff83f94b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview jsonbson is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
MAL-2026-4799 Malicious code in pdf-lib-enhanced (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4da0334724e86909030ba354dab57e4c522c139a925d3ec06559541179c562e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pdf-lib-enhanced (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4da0334724e86909030ba354dab57e4c522c139a925d3ec06559541179c562e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview zest-product is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-4808 Malicious code in wm-idp-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2acf2a0d94ec1d2bada80f3251f5ecbea64d78ffadcab2b997b9708c2ae71cd package.json declares "node-fetch": "https://registry.ctzbg.com/wm-idp-sdk/node-fetch" — a direct HTTPS tarball URL hosted on a domain...
Malicious code in wm-idp-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2acf2a0d94ec1d2bada80f3251f5ecbea64d78ffadcab2b997b9708c2ae71cd package.json declares "node-fetch": "https://registry.ctzbg.com/wm-idp-sdk/node-fetch" — a direct HTTPS tarball URL hosted on a domain...
Malicious code in makecoder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf72d8ec7b803169421eb83d7ccbbdcd0af3671592775e25df2f92b33dfde5a4 scripts/postinstall.js runs automatically on npm install. When bun is not already present, it unconditionally executes curl -fsSL...
MAL-2026-4789 Malicious code in ggk-happy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a22c29c3d374a49fdb69fb941f2fb81e42b69006b8ed154eba8d365c755b245 ggk-happy presents itself as the slopus/happy CLI Mobile/Web client for Claude Code — author metadata, homepage happy.engineering, and repository...
Malicious code in react-cleaner (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11c3d7a072dc204b4c150fae46302a31dafd46c85518d4ba7128fc7d36bf6a53 [email protected] is a pino-logger impersonator package main is pino.js, homepage https://getpino.io, module layout mirrors pino's lib/ tree that, ...
Malicious code in ether-bn.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cc5567869e3d616af151887f680ef13bf23f8a19fe5978343254b921c1c7c73 Package name 'ether-bn.js' resembles the widely-used 'bn.js' big-number library, and the README directs users to install yet another name...
MAL-2026-4778 Malicious code in 1cat-tunnel-client-zx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 796f1b18c13a38088b4e48d75575eb92b23af5d91cdfaf6a82717f0fabbc7a79 On npm install, the package's postinstall hook node install.js fetches a platform-specific executable from...
Malicious code in weavedb-sdk-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40b4b0c5f79c0370a77c3b559b70389ffee591aa22c76ca15c4077fe95b5078e package.json declares "preinstall": "./bin/install-deps", pointing at a 976KB packed Linux x86-64 ELF binary shipped in the tarball sha256...
Malicious code in test-weavedb-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3bf1d859670570df6b5400c4ae762c8de880ada809bb4c371f32339744b8f9d Package name impersonates the legitimate weavedb-sdk; lib/index.js is a near-verbatim copy of that SDK's Arweave/Warp/EthCrypto class so the package...
MAL-2026-4482 Malicious code in arnext (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d689a27b5cc929562b684a7181549d3770de331a9f57120881d8060294b6e5f package.json declares "preinstall": "./vendor/setup", which runs a 976,568-byte Linux ELF binary on every npm install. The package's stated purpose i...
Malicious code in weavedb-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 469844df44557b10f865edf7d3d000fd90c901c6a42cc5402116247dca1528f0 package.json declares "preinstall": "./scripts/postbuild". The referenced file is not a script but a 976,568-byte UPX-packed Linux x86-64 ELF binary...