MAL-2026-4127 Malicious code in amapcn (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

MAL-2025-191470 Malicious code in org.mvnpm:posthog-node (Maven)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security ea90a5928d7667bed4fa9f6effbbe6c8d3ad6521ca51ca2b01551bc02373a7d2 This package was compromised by the Sha1-Hulud: The Second Coming NPM worm. The malicious payload steals tokens and credentials and...

MAL-2025-191361 Malicious code in @voiceflow/nestjs-timeout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13d9067ab95136128bf92e8d28b434d340ae4fd7cd2c8e06f3378c71c3f6f2b1 The package @voiceflow/nestjs-timeout was found to contain malicious code. Source: ghsa-malware...

Malicious code in @voiceflow/natural-language-commander (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcffcb39c546d02117506c26844a1fddcedc61f18cd934b27642817c62189437 The package @voiceflow/natural-language-commander was found to contain malicious code. Source: ghsa-malware...

MAL-2025-191395 Malicious code in eslint-config-kinvey-flex-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2a9878339c2f4bb9dd2871f516aa58a93438018366470f0a023f02178420971 The package eslint-config-kinvey-flex-service was found to contain malicious code. Source: ghsa-malware...

MAL-2025-191354 Malicious code in @voiceflow/logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8694ddb108f95b95b2ab31e65a4ff5ec96ff47c5acbbdbec749b7319fe58e3bc The package @voiceflow/logger was found to contain malicious code. Source: ghsa-malware...

MAL-2025-191358 Malicious code in @voiceflow/nestjs-mongodb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2004e6b1248a0973eb52ceacef7b58dbf4de7c31813ea2b67f07e2788ad3205e The package @voiceflow/nestjs-mongodb was found to contain malicious code. Source: ghsa-malware...

Malicious code in @antstackio/express-graphql-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13ae25cf8547b5efb95597b0e90ea4105e03417563ff724dd9c720c49b4c52d2 The package @antstackio/express-graphql-proxy was found to contain malicious code. Source: google-open-source-security...

MAL-2025-191442 Malicious code in uniswap-smart-order-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dbda3147fde915a97ddd97f51f5ebc1757fa14bca7cad95f333862ad125c3c1 The package uniswap-smart-order-router was found to contain malicious code. Source: ghsa-malware...

MAL-2025-191440 Malicious code in unemail (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab85da66679658527998fff8168e3b97437350aa560bd2f9a18de4171b36cece The package unemail was found to contain malicious code. Source: ghsa-malware cd2b1b9910355ac232a34187e9264c453d615336362d4208d481cebe5ef8b250 Any...

Malicious code in @viapip/eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24a2ddabc23b929acc07d5de338f333eb95ec7682ce84cef2747787ae9e473ec The package @viapip/eslint-config was found to contain malicious code. Source: ghsa-malware...

Malicious code in @trackstar/react-trackstar-link-upgrade (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 461a58528df6fa02843e6ddff3edefa762e12d5f5beaa15f3098238118347d6e The package @trackstar/react-trackstar-link-upgrade was found to contain malicious code. Source: ghsa-malware...

MAL-2025-191055 Malicious code in @thedelta/eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bf18ec0224183e37e3d7ce155ce74e57988e6cdf5c817d06f892ad4b22a7546 The package @thedelta/eslint-config was found to contain malicious code. Source: ghsa-malware...

MAL-2025-191124 Malicious code in lint-staged-imagemin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8cfbe33b97d4e3997d348c9532c834715e755ea1d28a6b30f2276209d4f45db The package lint-staged-imagemin was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190882 Malicious code in @posthog/hedgehog-mode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5b044ae176df3e6019c54c314bdf3ec17c98741510cf5c024f85a07c7e520b1 The package @posthog/hedgehog-mode was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190864 Malicious code in ra-data-firebase (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e18e2fda31999ba999f5629853253dd8ff93b75237944d8c2971c2f54381cc13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-190850 Malicious code in medusa-plugin-momo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4670d82d1db3b1865426e69d47798cb98aaed8be48cec99e86be3741872aa936 The package medusa-plugin-momo was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190848 Malicious code in lite-serper-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4004eeb497395a7e5423b056c76905cd2679f242fc432352479ee7b657383084 The package lite-serper-mcp-server was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190800 Malicious code in @asyncapi/php-template (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81619d0ddfa1696b71c550ba94be4ddbdaed53aaef37376f8024945422da51b5 The package @asyncapi/php-template was found to contain malicious code. Source: ghsa-malware...

MAL-2025-190841 Malicious code in evm-checkcode-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67c49d35b6096e7c647d830c11a75a90f1bd3b90677f1c72d1bdefcd87b134e8 The package evm-checkcode-cli was found to contain malicious code. Source: ghsa-malware...