MAL-2026-3317 Malicious code in @apple-pay-trust/destroy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6515019a886959d905d728f0fdcebeb16aa3e62bcf2e2643c0424ba87aeb8f79 The package @apple-pay-trust/destroy was found to contain malicious code. Source: ghsa-malware...

Malicious code in @montanatonytest/app.web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae7604e0d0f1f42d621917113451c0b0583f2c74d4bbe59d92db2cf68101c674 The package @montanatonytest/app.web was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview @tw-marionette/clipboard is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview @apiary-annex/meta is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview @google-pay-trust/cancelled is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

MAL-2026-3318 Malicious code in @b2b_blocker/hide_activation_error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cbbf4ca3aa2fddd7145289bbf2f3ee83ef30e0fb6aa1163f465c4175cd22aec The package @b2bblocker/hideactivationerror was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3276 Malicious code in accesso-angular-cache-buster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efe1cff5329801850c1249ccfee1e905acc9e221c3bd424534068908f73b5a07 The package accesso-angular-cache-buster was found to contain malicious code. Source: ghsa-malware...

Malicious code in temhe-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c9e5d48f36a9f7f2fd80c126d14811be70cc210a382e9edc85d3bc1c4c62968 The package temhe-dev was found to contain malicious code. Source: ghsa-malware 117ca92e4f6c30bab5d2538e054b527cadbd72387d055860a3baf428e279c116 Any...

MAL-2026-3275 Malicious code in @kills_sh/bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e7f5c26dc70e3f5d44e3fc5b4b94fba66089cf8d0d718fc48c4f85aada6f830 The package @killssh/bootstrap was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3278 Malicious code in honcho-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84982c0724088423f1dfd6be1667977bde24611206ff38083fbd5f1bddb51ee7 The package honcho-theme was found to contain malicious code. Source: ghsa-malware 23c78ef060edd4e17fe6722502a19a3f7cfa402b9253a432003578db145e5c24 A...

Malicious code in muenxo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48537a437deee473614e25a26caa3436391ae5a590cd8fbd2e8d8b5ec61bec60 The package muenxo was found to contain malicious code. Source: ghsa-malware ffae9a8a617618fdf06b6c2a547167397aa849264407477c10f3490d494beb01 Any...

Malicious code in pos-next-react-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17462b618deafef53af5cb939d0240f899e18139f020fa631b898d2862bc6a08 The package pos-next-react-native was found to contain malicious code. Source: ghsa-malware...

Malicious code in vpi-guides (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0746aaba735c5411a6b2e62e27b52b39aace59ceebe307f3cd192fbf052b387a The package vpi-guides was found to contain malicious code. Source: ghsa-malware 28248d8cb6eca76057853d4e6ed366107e13c7dce9b6f02d9afd82475152a369 Any...

MAL-2026-3280 Malicious code in pi-exa-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75549c181fe30d370fa436cfe9a04d0df8fa0270b0d022bd5e69b780fc5c10ea The package pi-exa-mcp was found to contain malicious code. Source: ghsa-malware 8b7369c9538e4cea56d92cc659b74b1243d5fd03b619c23d32a85c21b5c8981a Any...

Malicious code in @w3m-app/is_connected (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 793804fbeaedf1325065aa857a03e0aba4bacd06b686728efeeb4a406f2e2668 The package @w3m-app/isconnected was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3273 Malicious code in @w3m-app/is_connected (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 793804fbeaedf1325065aa857a03e0aba4bacd06b686728efeeb4a406f2e2668 The package @w3m-app/isconnected was found to contain malicious code. Source: ghsa-malware...

Malicious code in @w3m-app/get_chain_id (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26a5497ea6ed8479f242764e1c85fb02158843dd5dec341d2054ea7ef49adb4d The package @w3m-app/getchainid was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview @w3m-app/getchainid is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in @bcs-ui/theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e8fd043a0105b7ec2fd37e2db50a7dbab652403949cf1f0950366ddab6eafdf The package @bcs-ui/theme was found to contain malicious code. Source: ghsa-malware 2a3c36dafcc4718b7edd494534658ed583e693c1235d638066d51997eccb1d10...

Malicious code in @bcs-react-ui/select (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f13a9b44b9cd000d9cc8fbcd4cbc765178ea32a471cd8b339d4ebdda4182d52 The package @bcs-react-ui/select was found to contain malicious code. Source: ghsa-malware...