21 matches found
Malicious code in autotel-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9746e4768872ec865677aee5e0616ec2bddc7d5d26e9c58bffd5541533612d7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in autotel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 921a045507925f9accff44927ec74588991f03dd291a3ae95cdc9919523ed800 Pattern matches fired on co-occurrence of the strings 'ping', 'POST', and 'hostname' in the package's bundled and source files dist/chunk-.cjs,...
MAL-2026-5235 Malicious code in awaitly-analyze (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3f926748b1e107755cfd17cb9151edc730b0228b6e857735a6794f8c1e71c65 No concrete indicators of installer-side harm were identified in this package version. No lifecycle hooks fetching remote payloads, no credential-pat...
MAL-2026-5205 Malicious code in @forjacms/analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44f7217965dcd60b165d3303ec44e2fbd7419e287110e70011a1434d7b5870e0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Malicious code in autotel-cloudflare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d324ad75e592bc93a8dc377ed5dd767a51a006b12141d0b4f33c95738b85a09 No concrete indicators of installer-side harm were identified for [email protected]. No lifecycle scripts fetching remote code, no...
Malicious code in executable-stories-init (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf8558677662bfcde2a5014a6ab8947b18228abb9415a5e41a964bcf5f5dd985 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Malicious code in creditcard.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d465ca657b19d32867e41b0ef3e049313241bba9db41c54c9e73d1682d7c1300 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
Malicious code in dbmux (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e5a2711ddd8b917b94e7d441193f3cb4b13b5f58b8651c04ee2728119f9f049 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5265 Malicious code in node-env-resolver-nextjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 556430b576f70c519fdab92137b48779f60f127f48ff5bdef0bcef838e24131b The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
MAL-2026-5201 Malicious code in @ethlete/dsp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70c5d7385124d81ab784d06593b0df8f05d245c165ea1ebfee9cb6b49b817ab0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...
MAL-2026-5215 Malicious code in autotel-backends (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5791740e97cb185ebd5c0e59c386020857b44a67a8c890c3826e19c60e11c3b4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in wdb-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...