280 matches found
MAL-2026-4718 Malicious code in weavedb-exm-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78ab05b11a1c784b066c89ffaff7bdf3a3351c611818e1d310cf718a64f20aec package.json declares "preinstall": "./vendor/setup", causing every npm install weavedb-exm-sdk to execute vendor/setup — a 976,568-byte Linux x86 EL...
Malicious code in weavedb-exm-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78ab05b11a1c784b066c89ffaff7bdf3a3351c611818e1d310cf718a64f20aec package.json declares "preinstall": "./vendor/setup", causing every npm install weavedb-exm-sdk to execute vendor/setup — a 976,568-byte Linux x86 EL...
Malicious code in weavedb-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 469844df44557b10f865edf7d3d000fd90c901c6a42cc5402116247dca1528f0 package.json declares "preinstall": "./scripts/postbuild". The referenced file is not a script but a 976,568-byte UPX-packed Linux x86-64 ELF binary...
Malicious code in atomic-notes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c70dcf4fd11ae58bf4e06b896b2f163d54e3c3a26b66d472bab1e0af126f6f81 package.json declares preinstall:./.github/scripts/precheck, which executes a 976 KB stripped, UPX-packed Linux x8664 ELF shipped at...
MAL-2026-4486 Malicious code in atomic-notes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c70dcf4fd11ae58bf4e06b896b2f163d54e3c3a26b66d472bab1e0af126f6f81 package.json declares preinstall:./.github/scripts/precheck, which executes a 976 KB stripped, UPX-packed Linux x8664 ELF shipped at...
MAL-2026-4719 Malicious code in weavedb-exm-sdk-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3992f423f88c69e8c00223cc0ef81f970b8e178f1854beb00ef443586302ad89 package.json declares "preinstall": "./bin/install-deps", which runs a 976KB UPX-packed Linux x86 ELF binary on every npm install. The package...
Malicious code in weavedb-exm-sdk-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3992f423f88c69e8c00223cc0ef81f970b8e178f1854beb00ef443586302ad89 package.json declares "preinstall": "./bin/install-deps", which runs a 976KB UPX-packed Linux x86 ELF binary on every npm install. The package...
MAL-2026-4726 Malicious code in weavedb-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2da95bd75489853f6b09a9aef5a5ee03ee6715b41dac446d29f273c750027a3 package.json declares "preinstall": "./dist/runtime.node", which directly executes a 976KB Linux ELF binary at every npm install. The .node extension...
MAL-2026-4566 Malicious code in fpjson-lang (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38aca097f261c15ef9901f259883679e2d4308d6e4053099643c8befe9a14318 package.json declares "preinstall": "./bin/install-deps", causing npm to execute a 954KB packed Linux ELF binary on every install. The package...
Malicious code in cwao (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f48b0fefe9d99bcebeaa878f5bb2ca40df917b40785d6b5b8a31cf6e70a44970 package.json declares "preinstall": "./vendor/setup", which directly executes a 976,568-byte packed Linux x86 ELF binary shipped in the tarball. The...
MAL-2026-4480 Malicious code in aonote (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df30872a579b6ce2419993ff9bad621f42347097dd43551a26583223e6a98a7b package.json declares "preinstall": "./scripts/postbuild", where scripts/postbuild is a 976KB UPX-packed Linux x86-64 ELF sha256 36abd242... shipped ...
Malicious code in aonote (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df30872a579b6ce2419993ff9bad621f42347097dd43551a26583223e6a98a7b package.json declares "preinstall": "./scripts/postbuild", where scripts/postbuild is a 976KB UPX-packed Linux x86-64 ELF sha256 36abd242... shipped ...
Malicious code in weavedb-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886f22636b5e4726978e23b10a4311fb7e65c2b10003da72429348fa617884d1 package.json declares "preinstall": "./vendor/setup", which runs a 976KB packed Linux x86 ELF binary sha256...
MAL-2026-4715 Malicious code in weavedb-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886f22636b5e4726978e23b10a4311fb7e65c2b10003da72429348fa617884d1 package.json declares "preinstall": "./vendor/setup", which runs a 976KB packed Linux x86 ELF binary sha256...
Malicious code in weavedb-node-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d174728fc7469b023ece1980797185c35abd74c56e253bc1dc1b295a46a1dbd2 package.json declares "preinstall": "./tools/setup", unconditionally executing a 976KB UPX-packed, stripped Linux x86 ELF on every npm install. The...
MAL-2026-4721 Malicious code in weavedb-node-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d174728fc7469b023ece1980797185c35abd74c56e253bc1dc1b295a46a1dbd2 package.json declares "preinstall": "./tools/setup", unconditionally executing a 976KB UPX-packed, stripped Linux x86 ELF on every npm install. The...
MAL-2026-3650 Malicious code in microsoft-applicationinsights-common (npm)
Two malicious npm packages published by the micresoft account typosquatting "microsoft" are part of a coordinated supply chain attack sharing identical infrastructure with packages published by the superbase account. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at...
MAL-2026-3648 Malicious code in auth-javascript (npm)
Three malicious npm packages published by the superbase account implement a dual-vector supply chain attack. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at .claude/settings and a companion .claude/settings.json that registers the binary as a Claude Code SessionStart hoo...
Malicious code in ms-graph-types (npm)
Two malicious npm packages published by the micresoft account typosquatting "microsoft" are part of a coordinated supply chain attack sharing identical infrastructure with packages published by the superbase account. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at...
MAL-2026-3651 Malicious code in ms-graph-types (npm)
Two malicious npm packages published by the micresoft account typosquatting "microsoft" are part of a coordinated supply chain attack sharing identical infrastructure with packages published by the superbase account. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at...