4 matches found
MAL-2026-4878 Malicious code in @car-loans/safe-storage-module (npm)
Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...
MAL-2026-4938 Malicious code in @cloudplatform-single-spa/ml-ai-agents-mcp-server (npm)
Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...
MAL-2025-187089 Malicious code in galaxy-xanthus-perseus-subscription (npm)
Source: amazon-inspector b08463d8094a6585daaff47afc0c7e17fb1cfeac54e21ac5b0da250cfc368e1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-51080 Malicious code in bella-semur20-riris (npm)
Source: amazon-inspector 1b03d61d30f4363a0471385d1a724bc7b6aad093b80c9eb7b345542ee0108622 The package bella-semur20-riris was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that floode...