MAL-2026-442 Malicious code in xadauiom (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64051fbf2528075ff707f512002bce043db1a535723bd677e6fcde0f53f7cafa Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in @wb-team/uikit-myteam-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdf39991881d2a08d3aa421675b4c1a7b562a4b50c70e7d9c0f7bb54a0d8f0e4 The package @wb-team/uikit-myteam-web was found to contain malicious code. Source: ghsa-malware...

MAL-2026-262 Malicious code in @spx-smartsorting/vue (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c0f383e5f85168809feb97c29b3dfbd12d807bcf0de67ae579f0dcc606889cc The package @spx-smartsorting/vue was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview @nestorhexom/qyxb is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2026-35 Malicious code in aiihttp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e98bbfaaccc91213e80bb0a09f5081a5701cf01629ac8b82370adbbbc42178b0 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...

Malicious Package

Overview @vietmoney/react-native-action-button is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

Malicious Package

Overview @ptest2535/testpackage is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

MAL-2025-192787 Malicious code in elf-stats-sparkly-toolkit-703 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1797fa5c9b17edda19db4d8014af3a10f7af33c65110eb435cfa995ab12ebfa2 The package elf-stats-sparkly-toolkit-703 was found to contain malicious code...

EUVD-2025-204892

Malicious code in elf-stats-silvered-bow-679 npm...

Malicious code in @xyuxu/i18never (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b923f08dbda49245b6cdc13f30d46556f98e438c1788b29597ff1d64446bf54 The package @xyuxu/i18never was found to contain malicious code. Source: ghsa-malware 3c5087826460532be47bc7b783c6674322cc348a195d708d058f98f7d73ec22...

Malicious Package

Overview elf-stats-mulled-wishlist-789 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview browser-client-neptune is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

MAL-2025-192485 Malicious code in elf-stats-cheery-northstar-345 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11afb900180826fdc5929d1c3095198004109bd2107d02b1b6cd36c676b8aafd The package elf-stats-cheery-northstar-345 was found to contain malicious code...

Malicious code in elf-stats-snowdusted-marshmallow-228 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eab7789ba8f7c654f5e79444be0a76d64268be8478db9d87a97e225d04b26d35 The package elf-stats-snowdusted-marshmallow-228 was found to contain malicious code...

Malicious code in @onlytoodles/crypto-jsa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 731c33f548ff79b458afc89fa8f3158762537acf2db8d026864792bb3222be7c The package @onlytoodles/crypto-jsa was found to contain malicious code. Source: ghsa-malware...

Malicious code in elf-stats-nutmeg-garland-645 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd1b3fdc2a40a6e396e015feb6459f0a36fda40b3d0b547f3ecc28f43166806f The package elf-stats-nutmeg-garland-645 was found to contain malicious code...

Malicious code in elf-stats-cocoa-train-606-pwn2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38b2f0588d3a0e33bfd993faa485a07e4cd60d4c7efb4c33ed006e9c29f20c50 The package elf-stats-cocoa-train-606-pwn2 was found to contain malicious code...

Malicious code in elf-stats-silvered-bauble-482 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 873d00a53b6593aa2b1ce0a02b07bf8019709b24cd2f6242548b58408ec99240 The package elf-stats-silvered-bauble-482 was found to contain malicious code...

Malicious code in karem4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a1d3bd676881934532a2e75fd644e22b2e4f26fb08bde6d48ff6d529de7467d The package karem4 was found to contain malicious code. Source: ossf-package-analysis b843a0d849da7453ce803b77a117a501a3b1e4b04eae8222d3b59d48438931c...

CVE-2025-13632

Inappropriate implementation in DevTools in Google Chrome prior to 143.0.7499.41 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...