47 matches found
MAL-2026-3787 Malicious code in frank-at-alibaba-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886c65e3dc3df0890c4de06cdd9d3973fd8a5844b0db2010a08e1160d2b6dce5 The package frank-at-alibaba-internal was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3552 Malicious code in @uipath/integrationservice-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3ff8598d48c12ca9fe162be025bd370560d125c36c4e5dfebfbb09bccfda3f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-1955 Malicious code in kyxserver-everything (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7be104f8e720927f9b7ea1bb3d036db80ffa6b65c8b7f0a6c8af29d1d4631f43 The package kyxserver-everything was found to contain malicious code. Source: ghsa-malware...
Malicious code in @snazaah/davey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0f71f42be87797ef9a1316bba8adb9bdef08cc765a42d1b707487f790846af The package @snazaah/davey was found to contain malicious code. Source: ghsa-malware 1e647d7cf3afc1b7a160585b664e75a2515b6b9e00925bdbc30e20625731d490...
MAL-2026-1123 Malicious code in @yaoii-bails/baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d1d0d12bd58b983f5d0429e35aabbe5aff4e7206c1198199dff00f8d7edc3c6 The package @yaoii-bails/baileys was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1069 Malicious code in @skyzopedia/libsignal-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d2851df7c45fca156556e4b7c5fef4c60ed254a43c4e6e51c6e02d8b5ca5a20 The package @skyzopedia/libsignal-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in sandbox-hooks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de188418d12a5397810d78eeeb5b8e939a4fc430f8c2aa3113e7fa3a5360e2c8 The package sandbox-hooks was found to contain malicious code. Source: ghsa-malware 7d12de65eeb03f7f648a293f5f7217cce1215878610d2bf4f973cd510733eedb...
MAL-2026-435 Malicious code in aligntype (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00d265590e58665b4942474738b7d5beca8f636eb79e8761f736088d603f9277 The package aligntype was found to contain malicious code. Source: ghsa-malware b0d41c223d47ebc018df2b4ee07cde5c197d028c7b973a32f34bcb4e19e9a7fd Any...
MAL-2026-371 Malicious code in theme-neutral (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9701381076541b8fbe448e03eb174cb40e2fd27237bfb442f219bf94911d035 The package theme-neutral was found to contain malicious code. Source: ghsa-malware 50a19fb9e329c206942de6cdd79f346a105320f4e71d0b652b154001b1dde8e7...
Malicious code in iraza2-fca (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7307c50f4f14642add677ac343109c8691dc3c5e67a0de88d27ed958e9593b The package iraza2-fca was found to contain malicious code. Source: ghsa-malware 5f0c32bd90ff347b69dae6471a8099e36ac566490bfa361193fc59f1c53785d4 Any...
MAL-2025-191439 Malicious code in unadapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 909f7edee5bdbb572f7a49086e9d07b3de659aba6eec46149d795293e66f6c1e The package unadapter was found to contain malicious code. Source: ghsa-malware 9a3296cbe10427af96d873c98d866b062f727dfdecd5873ed7bf0b5bb501cb40 Any...
MAL-2025-49323 Malicious code in kingasd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06cea57ed478ce7d494e8daba01d75b4c47a41bf4cc2bcce462a405cd46ea1a4 The package kingasd was found to contain malicious code. Source: ghsa-malware 13d287b8649f8ab3c2db046c9db2af68601de7e168725a1440764bd4f6c03400 Any...
MAL-2025-48331 Malicious code in mad-1.2.3.2.2.8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd85e061204de201938d7f92d980f9e42a2d4c370732eb5b9deb987982012f75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48281 Malicious code in frontend-photoswipe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e08a30dcf287f7992949bf9a4870c6201c42b3aa3b59e0966a677899b4bca376 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48274 Malicious code in cbt-gs-switcher-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 51e281e2aff0b1c284640210a317cb5796b2cfb60eccbb61d04d4cfe8941d3b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in 1xbet-prilozhenie-android-guid-bu43so24l (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 383835faaa1776818bfc30feef201e28a1895ab870057429200bca02bfcabf11 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in grafana-amazonprometheus-datasource (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7359e2541c67fe090610ee101544e2e2da0fc6232b1fff166f71c0bd3c1f0e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in gs-payments-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13deac0bd384330c745707f11e00851a1a9fabd272ad4db4f7e8badf0406ae97 Any computer that has this package installed or running should be considered...
Malicious code in claude-pr-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78df9511839ca2f1261eadd3b5a9f886167ffbeb2e11f8d7c52f3470474d160e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in all-star-2019 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a0ea6c1d2104748e21c098ba44055c46440a50d30f9851de3d6991fc50e0960 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...