14 matches found
Malicious code in @antv/l7-scene (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
Embedded Malicious Code
Overview: Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...
Embedded Malicious Code
Overview: Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...
MAL-2025-191252 Malicious code in @oku-ui/checkbox (npm)
Source: amazon-inspector 85b761a46dff9ea0ec6705cfe75221ceb7a3adeac0b4a2954618b3b069db3824 The package @oku-ui/checkbox was found to contain malicious code. Source: google-open-source-security...
Malicious code in gatsby-plugin-antd (npm)
Source: amazon-inspector 1db5c29950300909f2a9571826a482e10a6ce45dae9529f28ad87ddc2b98119b The package gatsby-plugin-antd was found to contain malicious code. Source: ghsa-malware...
Malicious code in @oku-ui/dismissable-layer (npm)
Source: amazon-inspector 8e3f3fce07b25fef3b52f9f9cccfdaa44fd55e8721c6d7c287e1fbd9379359f0 The package @oku-ui/dismissable-layer was found to contain malicious code. Source: google-open-source-security...
Malicious code in @voiceflow/prettier-config (npm)
Source: amazon-inspector d559f73440d8fdf3f6f155244ce54b5d8d829700d5780778a26f0ac94fb5b59e The package @voiceflow/prettier-config was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191107 Malicious code in ids-enterprise-mcp-server (npm)
Source: amazon-inspector 7eff48b53ace7d90fb4a9c05eb62e2e8e1b6540f5dd4058611b4aa8203057276 The package ids-enterprise-mcp-server was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191036 Malicious code in @ntnx/t (npm)
Source: amazon-inspector 2865f9cc29095e84318d97631a2242512c5361ad8d820cd6212a8cb06417c92a The package @ntnx/t was found to contain malicious code. Source: ghsa-malware a56d53a5cf562204b62c1283f7cc997da367c0eb1cd09c913dcedbe5469bff6e Any...
Malicious code in joko-ruwet36-riris (npm)
Source: amazon-inspector 31e05f77cb35a650a6dc961329024017d6b3a640f73b17186117232a7983c27c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-73209 Malicious code in gita-tapai15-breki (npm)
Source: amazon-inspector b45b42e489ef5a071ffd41748083333b9d3d7f0efe164925d631dc9c2f41fbb6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in wbsocket-client (PyPI)
Source: checkmarx 4dcded1c53684bce57c002b2ecaa2fc51c27dbe293f10ab57646a5f9685b7897 Attacker distributed 900+ malicious packages via PyPI, infecting local browsers with a malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in aihottp (PyPI)
Source: checkmarx 98a22867b0350be05e9b2f1550e61cce611a5e74b5c65c5be1542cdcbd0c2967 Attacker distributed 900+ malicious packages via PyPI, infecting local browsers with a malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in pyinstallr (PyPI)
Source: checkmarx f2b04dc5f801036e2b2232284cac00ae9947d9430365a95aec226804aa88d11a Attacker distributed 900+ malicious packages via PyPI, infecting local browsers with a malicious extension to manipulate clipboard and replace crypto wallet...