300 matches found
Malicious code in tw-fluid-type (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c3bc3497d6c683f52210ca201500d27cf9e2bcccd976883be2ed85d17569b54 The package advertises itself as a Tailwind CSS fluid-type plugin but ships src/utils/lib.min.js, which is loaded as a side effect when the package's...
Malicious code in @common-stack/generate-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b54a3dc296ec3f6dbded973e24aa9794b498cc1e8305fc3d1f88a4fdff7335df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @doaction/types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4092c28082abff16427aa0e246a327796294411786dae585fb4ab3114ad6504f @doaction/[email protected] is a dependency-confusion lure targeting an internal @doaction scope. The package.json declares "version": "99.99.99" and pi...
Malicious code in @hcs-hybrid/uirouter-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27a0d7e172f9959faebfaed919369b4cd7a6321d9ae58986de045174908d431c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in auth0-android-helper-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8bbf606b203b722af6caf26888ddc7c9bb9c1bc4117d52c963615a998b3bf933 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4301 Malicious code in auth0-android-helper-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8bbf606b203b722af6caf26888ddc7c9bb9c1bc4117d52c963615a998b3bf933 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4302 Malicious code in auth0-aspnetcore-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a65e2c9bb72bed2f85cc5ce144070401adc82275fbdceee1345e245bd8b69dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @gbrlxvii/ts-project-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccd044c036fa133a25ae5988694388a63c47a5edcf58c36d1dad610b8d1194a0 The package self-describes as a TypeScript linter but on require silently loads lib/perf.js wrapped in try/catch in index.js which performs...
MAL-2026-4377 Malicious code in @ctrl/plex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20e1aad15739a79a359d88099a004fa395b66df8845c10823824e848f095c568 The @ctrl/ npm scope was compromised in the Shai-Hulud supply-chain incident September 2025. Versions of @ctrl/plex published during and after the...
MAL-2026-4063 Malicious code in @antv/li-p2 (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
Malicious code in @antv/g-css-layout-api (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
MAL-2026-3909 Malicious code in @antv/g-base (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
MAL-2026-3780 Malicious code in aliyun-internal-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ad3b492d9e89c081c72b95aba3aa4fd0c436a8f5050c7538e57dec619af2258 The package aliyun-internal-config was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3567 Malicious code in @uipath/project-packager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fdd50cfa0aae7619d6766f47b468fca17a04673407486d5c747f860c0c2e22b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3561 Malicious code in @uipath/packager-tool-flow (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14153c2050bb9ca128e3cc52251f2321826f0e288b065f37d74b5479a29cf70d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @uipath/llmgw-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b2a10d3449dbb21333a81b53c4eab1037a00c862459fa93155f1bd9a94102ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3530 Malicious code in @uipath/api-workflow-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d32baa584fef58e39e73ce0f2a965cccdbc83a96e6011743224267b3832d8759 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @beproduct/nestjs-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eead7b1c6446924fec345e042b8bd966ea184deae755f876326cf99040f5f107 The package @beproduct/nestjs-auth was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3494 Malicious code in @tanstack/virtual-file-routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c95e413c2e182a7d35b0ec3ba9f2a979d63c77c1a7f20a6204059f7b66b433bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in json-dec (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de1db9ce26e4c5f4788ebbf809fede48364dd0741a8f4d0aa5580fac4b199f59 The package json-dec was found to contain malicious code. Source: ghsa-malware ad7f787412af0259dfcb2bcbb7429600fcb3c8a92510c70699961455caddd9ad Any...