Malicious code in web3.prc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6db6feb92bb662bbf24ea3769595c836f3443f8fb33833b094134f294704af70 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4308 Malicious code in core-utility-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf63d686ef961c38d281d369f2f1b2cf4e2baf9c25f3e6a62672a9ac9b979963 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @antv/github-config-cli (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Malicious code in @antv/gi-sdk (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Malicious code in rich-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cc191d72f2f92d966897d0f635b53afecd9a62e8b63de13fff125a00377fcb63 Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...

Malicious code in @tallyui/theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 34578fa5c77db2b21dd15d3357fc2b7c4d36a2ce4d1d44f86daa5c04561d662c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2026-30495

The CVE-2026-30495 entry concerns the Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0). Technical details in the connected documents show an exploitable condition where ADB is exposed over TCP port 5555 without authentication (ro.adb.secure=0) and a functional /system/xb...

Malicious code in @aircall-ecosystem/integrations-msteams-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4343cd15bb1d3104166b2ddf4f549bc184fde49233b5cfba97f353f00a8c2a2e The package @aircall-ecosystem/integrations-msteams-frontend was found to contain malicious code. Source: ghsa-malware...

Malicious code in oce-collaborate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8f69f2284ec7835136d41eb191227cc52ebfeafd3b33c0f7ce2d94ffd24cb88 The package oce-collaborate was found to contain malicious code. Source: ghsa-malware c217eb60fb78e5a6fde1b59cd586b4ad864bd1ad9cde77d6b50a79341d4d58d...

MAL-2026-385 Malicious code in blocks-builder-manifest-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30f5efa34a1c44d974502110177cb7a60daf579349ed25937e66e342f7f7c24f The package blocks-builder-manifest-generator was found to contain malicious code. Source: ghsa-malware...

MAL-2026-401 Malicious code in victim-package-c (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 184f83df9021c2d9d54bd3201652ab449b3c54a606b87c484d0a16a657005cf8 The package victim-package-c was found to contain malicious code. Source: ghsa-malware c9415f83d650ad0546aeb398d909c1b7aa8c983d9ca0c37f72e68526eaf6bb...

MAL-2026-244 Malicious code in helium-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 643f63c743fd06fb24cb2d488e001ce0efab3f0d82014801ea2eebad96041692 The package helium-module was found to contain malicious code. Source: ghsa-malware d34558c0d1e56c0103ad087e485e142f3918050a1b0bdc15fc7e7b46c1a2ae1f...

Malicious code in simple-string-utils3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13d9f9db863d718f528caa234dfa722b2631eb76195f504f47670898aeb0634a The package simple-string-utils3 was found to contain malicious code. Source: ghsa-malware...

MAL-2025-192987 Malicious code in npm-xmt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcf1d57a75f915c7959a484b36e4b23c72425b90256a860d8d52e058599af296 The package npm-xmt was found to contain malicious code. Source: ghsa-malware 66603f4e5606fa61cf79355902ed86e376156cd0b163be93e0b471b87180e0b2 Any...

Malicious code in monoblast (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d77da2ba877fe8f60939aa31a965bd4b4f0a4265edff812ebd8817aa008c674 The package monoblast was found to contain malicious code. Source: ghsa-malware 528645f69305646755172e18341eb5b57038d4f5f46faa93b040fc361e85fedf Any...

Malicious code in no-unsupported-browser-features (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e421e834a041473c40faa9f19e564697a54e65c126010d4916e2927c757c4e78 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48269 Malicious code in vite-next-loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349c5908fb3c2430a77d9a6c96edebbbbda04c5d50a0826b4c0f7e8d002ba345 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48246 Malicious code in mad-1.2.9.2.2.8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9ee7df3c05d745488aab56d8e7e24dcc135b735d5f8b1f7a620b635e2d1514e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48212 Malicious code in redirect-s7usff (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware faeb7411d951b4e0d7d23cff65a289f7e1fcc74c20e8b09018d465d41d490cc3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48108 Malicious code in redirect-1hvx9g (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 811a6896f73fe5f0b353662e9cb94f319cce1d35d89c4babf11fb1431f3ea842 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...