252469 matches found
Malicious code in ui-weave (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee5b1184b3208f8eee80df74c37c809f93461564a9226e1f82e1d551770d799a package.json declares postinstall: node lib/utils/index.js, which spawns a detached child process running lib/utils/smtp-connection/index.js. That...
Malicious Package
Overview ui-weave is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
MAL-2026-5406 Malicious code in ui-weave (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee5b1184b3208f8eee80df74c37c809f93461564a9226e1f82e1d551770d799a package.json declares postinstall: node lib/utils/index.js, which spawns a detached child process running lib/utils/smtp-connection/index.js. That...
Malicious code in @0xlr/supabase-db (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0feb7f8ea3069b0e830043fea195c088ea28709cc18a32676f389c61a15fc84c On npm install, the package's postinstall.js script enumerates all of process.env and collects host identifiers os.hostname, username, homedir, cwd,...
MAL-2026-5390 Malicious code in @0xlr/supabase-db (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0feb7f8ea3069b0e830043fea195c088ea28709cc18a32676f389c61a15fc84c On npm install, the package's postinstall.js script enumerates all of process.env and collects host identifiers os.hostname, username, homedir, cwd,...
MAL-2026-5401 Malicious code in savant-listing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7360e78a5c5d56ea9323cde1f41e33ce8cc6b625034ef82d067bbfeafee60461 [email protected] is a dependency-confusion squat. package.json declares both install and postinstall lifecycle scripts that run curl...
Malicious code in create-docs-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd4381fd77419441a2eefe6b22adef6c9f5adfe1b92be5d071abd5908fdf8647 Package is published at version 9999.99.99 — the canonical high-version override used in dependency-confusion attacks against private/internal packag...
MAL-2026-5403 Malicious code in t-invest-mcp-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46c186ac158f68845fc995a94d15d44c2b65a521d2619d2850232e58f4a61419 Package is a dependency-confusion squat: package.json sets version 9999.99.99 the canonical max-version trick used to win resolution against any...
Malicious code in t-invest-mcp-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46c186ac158f68845fc995a94d15d44c2b65a521d2619d2850232e58f4a61419 Package is a dependency-confusion squat: package.json sets version 9999.99.99 the canonical max-version trick used to win resolution against any...
Malicious code in kecak256 (npm)
kecak256 is a typosquat of the popular keccak256 package one c dropped that ships a credential-stealing payload executed automatically on install. The package spoofs the legitimate keccak256 project — author "Miguel Mota", matching description, README, and keywords — and includes a benign decoy...
Malicious Package
Overview kecak256 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious code in progerss-cli (npm)
progerss-cli is a typosquat of the popular cli-progress package that ships an obfuscated payload executed automatically on install. The package borrows trust from its victim: repository.url is set to https://github.com/npkgz/cli-progress — the legitimate cli-progress project's own repository — an...
MAL-2026-5384 Malicious code in enquriers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17ff0053c1f18c2d4e2e555119e16463f85cfb7f0c564d64d222a80a84763639 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Security update for perl-XML-LibXML
This update for perl-XML-LibXML fixes the following issue CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences bsc1264715. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2026:2324-1 Security update for perl-XML-LibXML
This update for perl-XML-LibXML fixes the following issue - CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences bsc1264715...
Malicious code in @doaction/wasm-loader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 118555cc138d5dbc40c11c385af69fa4c6c5caa2fc05e6b0b49c65cc69491a78 Package name and description advertise a 'WASM loader,' but the tarball ships no WebAssembly code. Instead, package.json declares "preinstall": "node...
Malicious code in @doaction/mapstore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9692028d96015eee60ce05d38eac9bf0c6e51dd2153cea37cad4756e3b4b3de9 @doaction/[email protected] is published to the public npm registry under a sentinel-high version 99.99.99 with a pinned @doaction/shared: ^99.99.99...
Malicious code in @doaction/http (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0558fc0fe6ab95434c0f041b1ed88e02039379e9052dbfd3e0faf35a8e8d5d5f Package version 9.9.9 is the canonical version-pinning marker used to outrank any private package during npm dependency resolution. The package...
MAL-2026-5379 Malicious code in @doaction/storage (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2555ac1fb49d2dac0108e398a6acffa2bffa1a86326db5fa384ed1232fdab89 Package @doaction/[email protected] is shaped as a dependency-confusion attack against the private-looking @doaction scope. The 99.99.99 sentinel...
Malicious code in @doaction/shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caba10985bd532eb067af52e175856a72552c9b9306895ea9fba9c1083277248 @doaction/[email protected] is a dependency-confusion lure that exfiltrates installer environment metadata on every npm install. package.json declares...