336 matches found
Malicious code in json-pretty-logs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83ea0ffb681b10da082feb66c76e0db908a8ee31cd9b064edca6c41a90a38a87 The package json-pretty-logs was found to contain malicious code. Source: ghsa-malware b86537d3e254ff943b2ca179cb5501c1a02900d518482640d73d0a9892797a...
MAL-2026-3787 Malicious code in frank-at-alibaba-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886c65e3dc3df0890c4de06cdd9d3973fd8a5844b0db2010a08e1160d2b6dce5 The package frank-at-alibaba-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in frank-at-alibaba-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886c65e3dc3df0890c4de06cdd9d3973fd8a5844b0db2010a08e1160d2b6dce5 The package frank-at-alibaba-internal was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3526 Malicious code in @uipath/agent-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1bf0a4aecf9abab564a34cce85bbd0992c11840dfce74518bc3f21d5fc4e47ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3494 Malicious code in @tanstack/virtual-file-routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c95e413c2e182a7d35b0ec3ba9f2a979d63c77c1a7f20a6204059f7b66b433bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in separadordeinfocc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90aec77465d7938875e19e8508965f986ac0e81968433307546a40823fa805e6 The package separadordeinfocc was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2961 Malicious code in apple-internal-security-poc-frank (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10f171ab8af350f288bde3dca0a4c5741b840ed376b0022602322fd7b8b6341f The package apple-internal-security-poc-frank was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2936 Malicious code in @tushar-br/editing-pack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a4d5659346f95e443d4a8b6883c51f081de5eb6989f8f6731327eb34ed9c64 The package @tushar-br/editing-pack was found to contain malicious code. Source: ghsa-malware...
Malicious code in ih-icon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e7f19afb6ffd57012c61c6bef2ce8ad4238f192cac0679e216684a37ec672e The package ih-icon was found to contain malicious code. Source: ghsa-malware c7182707ae8272b3af4376c3dfec66a3b574b8c86217bf3b7c705d94dfb84b63 Any...
Malicious code in @rexxtheproject/elaina-libsignal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b062d07817c63636edc363a279fdad6c40a72e116a3abd59aba0e30854f059a The package @rexxtheproject/elaina-libsignal was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2111 Malicious code in tailwind-font-inter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2cb39a969b06dada95f847c6d5fc21fd0cb38a37c6b38a6b60ef1ca439f2147 The package tailwind-font-inter was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2057 Malicious code in @emilgroup/payment-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83fcb6922c65850eff14baf7a463c2b14b358ffebdc5a15c312ec7328a142407 The package @emilgroup/payment-sdk-node was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1945 Malicious code in cryptopapi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8115fdc278d0fa50691d9381670d65784c4e58c7350c6f039f4cc48900003832 The package cryptopapi was found to contain malicious code. Source: ghsa-malware 36add754a3a299e4d93abe760b631b4a294d017297d11825b1fc1e2363030172 Any...
Malicious code in @storylane/uikit (npm)
The package '@storylane/uikit' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
MAL-2026-1361 Malicious code in pcl-build-docroot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec644efff0c2f83a615a174be4d854af6d4411fec2fd2246ce43b6118f6065fd The package pcl-build-docroot was found to contain malicious code. Source: ghsa-malware...
Malicious code in restrict-imports (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f82360676317e6d9c2b69a82034af73f2008890871348fb45bc5b966f6aca03c The package restrict-imports was found to contain malicious code. Source: ghsa-malware e153e68a84a468be42de7a7c49af2d4e73778f4462d854be60a6e8baf03105...
Malicious code in iron-image (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64bb41903e84d6a7adabb1c7268258090468e2e83e6f31fb679d594e8266f79e The package iron-image was found to contain malicious code. Source: ghsa-malware 11a0db876976d8589a7d975fb9c112f6569a4fc2708fb21c378166c2a1f8d204 Any...
Malicious code in pear-apps-utils-qr (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8bf18757dd3797d845e6746f010e38421985192e8623264615f68c13b4ec0a1 The package pear-apps-utils-qr was found to contain malicious code. Source: ghsa-malware...
Malicious code in pear-apps-lib-feedback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 331d2742dee8271e5d493e475aab23ee3f05adc5e02888d87127d189883cc50c The package pear-apps-lib-feedback was found to contain malicious code. Source: ghsa-malware...
Malicious code in ethersnode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05646d5daf39bd4f36dd32267c3f5428b8eeb3913781b2c8549594679dafac3b The package ethersnode was found to contain malicious code. Source: ghsa-malware 839839d225447c7bde56628923d8e812808862fdda069eb93df578a04cc25525 Any...