36 matches found
Malicious code in @antv/g-css-layout-api (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
MAL-2026-3909 Malicious code in @antv/g-base (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
MAL-2026-4063 Malicious code in @antv/li-p2 (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
MAL-2026-141 Malicious code in rt-long-form-content (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7aafc418ec6a49447f89597e76416b14a45ffa82d65fb393dc3bb91d1fca38ac The package rt-long-form-content was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191376 Malicious code in @voiceflow/storybook-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8dad09f9af7bcfdd86347fd6e8c490939feed1f44cb5632ca2098db24ddbe7b The package @voiceflow/storybook-config was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191204 Malicious code in @clausehq/flows-step-sendgridemail (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28e11e222c60736d3fbf0e7d232067bc608dbfdcb99484a13122cd9d2acd27f7 The package @clausehq/flows-step-sendgridemail was found to contain malicious code. Source: ghsa-malware...
Malicious code in typeface-antonio-complete (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c235d9ce1035017bbe5c1605d3915069791ed17717ac6c6aada75553b43286a4 The package typeface-antonio-complete was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190894 Malicious code in @posthog/taxonomy-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6160bb29593f706f1623c9cc373f06290747d183e2d495f4d0afc169252d3046 The package @posthog/taxonomy-plugin was found to contain malicious code. Source: google-open-source-security...
MAL-2025-190808 Malicious code in @ensdomains/offchain-resolver-contracts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e33729ef15689f97d628745ade2c8c9a5f42b14ff63f1f151416c9db5732c88 The package @ensdomains/offchain-resolver-contracts was found to contain malicious code. Source: ghsa-malware...
Malicious code in @ahmedhfarag/ngx-virtual-scroller (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66057cb43184c7c2694b0d4a8dad8c0566a4e2aa2395e63b96637dcef1455ef3 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in devextreme-angular-rpk (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 48daa4ee53933f4f74c8a6cd7644ad441f316912aa3e282498fe602b91f2bc40 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in @yoobic/yobi (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1f973d949e3a5ae002289cfd3e93009c3a8122535b1f75f0363bd8e2c04a2548 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in cordova-plugin-voxeet2 (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96ae7ef5d43ef45901a8613d236559761bb72ca1729594ffc8b3df8200250094 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in @operato/popup (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 211d1a1f6ff1362c33afe9e1d91ae471476a624a0bc79a2ef3a1a74d7fc4189d Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47225 Malicious code in @yoobic/jpeg-camera-es6 (npm)
Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...
MAL-2025-47298 Malicious code in browser-webdriver-downloader (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 01fb714365440560815380bba71421a48f96fcc47b83487acaaa72a1410c0ab5 Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-47273 Malicious code in @teselagen/file-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7da1a31ac60a5206e526134aa3bb58f83fa6e2d32f66cacf06f26a91de3b71f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in proto-tinker-wc (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7c28102f10f0e7abdda4eaae50e9db8edf27c3b15fe2ba6841ceb95fa907adc Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-6335 Malicious code in uidraftism (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57170f8a04ef1c34750c5fb4781b9af9071ce8936e4a5fc61225e5919acecf36 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6244 Malicious code in jet-os-detection (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae12c732362620c804ce4ff9fc2e85cd4f861a8084f6b9016fe67ce31b57c955 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...