149 matches found
MAL-2026-6862 Malicious code in pino-pretty-logs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7864fcfe92b62b2ddc003e696cbe02d18e0979f4336bff4cc9352f318b260fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pino-formatter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6318f85af0cd86060232fbc606115e300e1022220ffda545f9e6c6157ef6f55 Package masquerades as a pino-pretty-style logger but performs multiple installer-harming actions when required. On import, dist/logger.js: 1 on Linu...
Malicious code in @mgcrae/pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c31dc9253706aebd955016075e321d19d7dfc9b231882d7b24a6c932fa3dfa80 The package @mgcrae/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview @mgcrae/pino-pretty-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview jellyfi-pino-pretty-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview @logcore/pino-pretty-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in jellyfi-pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d1230eb2336763c228ba6ac98d349f8cc64a1ae28755d8da374f336e77aa928 The package jellyfi-pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
Malicious code in @logcore/pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a729cc1811bd1bc1fa94404ad4bcd8376c1a29b90311fd2a89efecff51fe592 The package @logcore/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2318 Malicious code in @logcore/pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a729cc1811bd1bc1fa94404ad4bcd8376c1a29b90311fd2a89efecff51fe592 The package @logcore/pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2324 Malicious code in jellyfi-pino-pretty-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d1230eb2336763c228ba6ac98d349f8cc64a1ae28755d8da374f336e77aa928 The package jellyfi-pino-pretty-logger was found to contain malicious code. Source: ghsa-malware...
Malicious code in pino-pretty-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2a9c035f47cbd6beb9e2f47299a689f13823a21eaef04fd6abfa9035dcb120e The package pino-pretty-log was found to contain malicious code. Source: ghsa-malware 5ddd0444ff8834bc42162fb1d88cf6d71f6044c2a636cde204484f654ce6589...
MAL-2026-2155 Malicious code in pino-pretty-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2a9c035f47cbd6beb9e2f47299a689f13823a21eaef04fd6abfa9035dcb120e The package pino-pretty-log was found to contain malicious code. Source: ghsa-malware 5ddd0444ff8834bc42162fb1d88cf6d71f6044c2a636cde204484f654ce6589...
EUVD-2025-199397
Malicious code in @voiceflow/pino-pretty npm...
Malicious code in @voiceflow/pino-pretty (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d83773dcab47d7affa39ddff351187eb072a563a8e3a84ef0d0b525c0f5e0185 The package @voiceflow/pino-pretty was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191365 Malicious code in @voiceflow/pino-pretty (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d83773dcab47d7affa39ddff351187eb072a563a8e3a84ef0d0b525c0f5e0185 The package @voiceflow/pino-pretty was found to contain malicious code. Source: google-open-source-security...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
@voiceflow/alexa-types (>=1.1.3 <=1.49.0), @voiceflow/api-sdk (>=1.0.0 <=1.31.6) +6 more potentially affected by unknown CVE via @voiceflow/pino-pretty (>=4.3.0 <=4.4.0)
@voiceflow/pino-pretty NPM version =4.3.0, =1.1.3, =1.0.0, =1.0.0, =1.1.0, =1.0.0, =1.4.2, =1.10.2, =1.0.0, =1.17.4 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWPINOPRETTY-14103427...
Malicious code in bellatrix-command-testcafe-pino-pretty (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b703a2d20efa32ac0ae07b76175be8aa18b3f4ebfa944f7d27fafa977a66963 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177173
Malicious code in pino-pretty-ariel-ursa-query npm...
Malicious code in slidev-odin-charon-pino-pretty (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10a6f20651e71b9191c950fc2cbdba6720c98b9935f61ba97cc07e440604538e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...