1244 matches found
Malicious code in nottuff17 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 072d84530e09f130a4d3ffb8f525b8bbcc0833f402ddfb66ebb39e9f85155a09 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0425e16f6f6a24f1e657ceb1c80a24330f655a496c9d1bb22a2de0cd41423f0a The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in nottuff2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2505cd60f257bd1c69e2bd6ccbaa987e2045a453adb8c0e1c529c34afade95c7 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in abuden25 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f03c9f736be5719a51f9b5cf2a256ab6d2a295f1fb79b7a937932f658d2e268 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in imillegal5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f821da7c50910d456dfcf5a26ae1afd56a7ec95836a16f570edb014d02a6608 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in ishowfeet6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36674107d4252d441750a35559267123dd2bcb958925071bef6475a41d6e519a The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
Malicious code in sixseven3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c8f4197e26649b629a6605099f9ca45ff63f04e58e5021a0f1ed410ac56cfd1 The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...
Malicious code in ratelimitsucks3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a45b50938677bb4c4bcdeee48af3fd57a8204d48d6aff16a1351ae814491391 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
MAL-2026-6968 Malicious code in rony-testing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be1a5728b472335e46d1df74becaf6355424f1f32d068bb517c079d88cacc03c The package's postinstall hook auto-executes index.js on npm install. The script collects the installer's OS username os.userInfo.username, hostname...
Malicious code in some-theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97420170b95f54c404226b47901bbd45ec03ed0a427369b50add75297a2dcb80 Package [email protected] was scanned across 2 files with no a static rule matches and no behavioral findings. No install-time lifecycle execution, n...
MAL-2026-6942 Malicious code in some-theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97420170b95f54c404226b47901bbd45ec03ed0a427369b50add75297a2dcb80 Package [email protected] was scanned across 2 files with no a static rule matches and no behavioral findings. No install-time lifecycle execution, n...
MAL-2026-6918 Malicious code in base58-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60a7d188e2cd79918987f2008e93bb80ea9979d791b357f8f7cfd892321ded6c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in express-deflect (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 284d3f4c5f55f69391b1172ba9d2c714e3ae358a2c92a501049a1495547e1588 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in txs-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74154a8e4e769872929446eb17b4dc59a1b491508c7bd05e55d1cdb232ecf2aa The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6864 Malicious code in polymarket-onchain-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 718b7995129eb1a8723f77a2c24288aa0160db9903f33468a29a11ec3af29d1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in npm-eslint-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dc5c1992c3d9f33bca28c1ce098d769809e44a12a671972925815e9890e5e9f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6837 Malicious code in eth-tick (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f96638eb8282b1eccbe4d7c1b1076340ac1b870d325856e2ad5415c2bf2737eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6803 Malicious code in big256-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 18f547bc04e09d0a4a99ac1e49992abd3dc35c02ad1bd963e8d0d07fd0e11464 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6938 Malicious code in pinokio-redis (npm)
pinokio-redis is a malicious npm package and part of the multi-wave "forge-jsx" cross-platform RAT campaign Wave 4. It was published by npm account 'donimique' [email protected]. The package.json description 'Node.js integration layer for Autodesk Forge' and the bundled README.md literally...
Malicious code in @lodash-en/lodash-en (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ccf4c6fcb3eb02a4b990660b8a47961f0cd393915787990149de40ee1b201a0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...